Manualshelf

HP ProCurve Threat Management Solution Implementation Guide 2009-05

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
201202203204205206207208209210
3-143
HP ProCurve Network Immunity Manager with a Third-Party IDS/IPS
Step 3: Respond to Threats
18. Select one of the following:
Execute All—NIM performs all actions on all target devices in the specified order.
Execute Until Success—NIM attempts actions in order on each target device until
an action succeeds, then moves on to the next target device.
Act on Edge Ports Only—NIM attempts the actions on edge ports if the action is
port-oriented.
19. Optionally, select the Rollback Actions check box to set a rollback interval. The action is
undone at the end of the rollback interval. For instance, you could respond to an alert by
blocking the source port for five minutes and then unblocking the port.
20. Click Close or Apply to complete the policy definition. Clicking Apply completes the policy
definition; clicking Close completes the definition and closes the Policy Manager.
Task: Enable Policy Execution
Policy execution must be explicitly enabled for policy-based actions to be applied. Policy
execution is disabled by default, and you might have disabled policy execution (or left it
disabled) in earlier steps. Now you need to enable it for your actions to take effect.
To enable policy execution, complete the following steps:
1. Open the Preferences window by clicking Tools > Preferences.
2. Click Policy Management in the navigation tree.
3. In the Configuration Changes section of the Global: Policy Management panel, select Enable
policy actions.
Figure 3-153. PCM+ Policy Management Window
4. Click Apply and close the window.