HP ProCurve Threat Management Solution Implementation Guide 2009-05
4-3
HP ProCurve Network Immunity Manager with HP ProCurve Security Devices
Overview
Overview
This chapter outlines the activities that you might engage in to set up an HP ProCurve Threat
Management Solution that includes:
■ HP ProCurve Manager Plus (PCM+) 3.0
■ HP ProCurve Network Immunity Manager (NIM) 2.0
■ HP ProCurve Identity Driven Manager (IDM) 3.0 (optional)
■ HP ProCurve Threat Management Services (TMS) zl Module, which is installed in an HP
ProCurve 8200zl Series switch or an HP ProCurve 5400zl Series switch
■ HP ProCurve infrastructure devices such as:
• HP ProCurve 8200zl Series switches
• HP ProCurve 3500yl Series switches
• HP ProCurve Wireless Edge Services zl Module
This solution features a NIM + TMS zl Module deployment, which uses the following:
■ NIM’s Network Behavioral Anomaly Detection (NBAD) capabilities to analyze traffic data
and detect malicious network activity
■ NIM-IDM integration
■ TMS zl Module’s intrusion prevention system (IPS) and firewall capabilities
■ Infrastructure devices to send sFlow data, Virus Throttle
TM
events, and security-related
Simple Network Management Protocol (SNMP) traps to PCM+ and NIM
This chapter provides step-by-step instructions that are based on the phases defined in the
security management life cycle, as shown in Figure 4-1. These activities also mirror the design
steps described in Chapter 4, “Design,” in the HP ProCurve Threat Management Solution
Design Guide. If you are following the steps in the design guide, this chapter guides you through
the activities to complete these steps.
(If you want step-by-step instructions for setting up a virtual private network [VPN] on the TMS
zl Module, see Appendix C: “Configure VPNs Using the HP ProCurve Threat Management
Services zl Module.”)