Manualshelf

HP ProCurve Threat Management Solution Implementation Guide 2009-05

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
21222324252627282930
2-11
HP ProCurve Network Immunity Manager Standalone Solution
Step 1: Establish a Policy
7. If you do not want to monitor a particular type of event, simply clear the Enable Security
Monitoring option.
You can also configure the sensitivity of the analysis on this window. Configuring these
settings is described later in this chapter.
8. Click Close and then click OK.
Task: View Events
To view the events collected by PCM+ and NIM, complete the following steps:
1. In the PCM+ navigation tree, select an agent group, device group, or device name. (You
may need to expand a folder in the navigation tree.)
2. In the right pane, click the Events tab. Events are displayed as PCM+ and NIM collect them.
Note that the list includes all PCM+ events, not just NIM events. NIM events include NBAD
events, VirusThrottle (connection rate filtering) events, security-related SNMP traps, and
Policy Manager alerts.
Note that an Origin, or source, may not be listed for all NBAD events. If the NBAD engine
knows the source of the sFlow traffic that triggered the NBAD engine, that device will be
listed as the source of the NBAD event. If not, no source will be provided.
Figure 2-9. <Device> > Events Window
To view additional event information, see the next task.