Manualshelf

HP ProCurve Threat Management Solution Implementation Guide 2009-05

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
231232233234235236237238239240
4-21
HP ProCurve Network Immunity Manager with HP ProCurve Security Devices
Step 1: Establish a Policy
7. Under Offender, specify a source device, using its IP address, port, or MAC address.
8. Under Victim, specify a destination device, using its IP address, port, or MAC address.
9. For Comment, type a plain-text comment that describes the purpose of this exclusion. For
example, you might enter Test NAT to lab.
10. Click OK. The new exclusion is shown in the Exclusion List for that threat type.
To remove an exclusion, select it in the list and click Remove.
Figure 4-18. NIM Configuration > Exclusion List Window
To change the source or destination for an existing exclusion, complete the following steps:
1. Select the exclusion and click Edit. The NIM Edit Exclusion Entry window is displayed.
2. Edit any information that you want to change.
3. Click OK.
Add Exclusions from the Event Window. You can immediately add an exclusion as you
review events by using the Event Exclusion utility:
1. In the PCM+ navigation tree, select an agent group, device group, or device name. (You
may need to expand a folder in the navigation tree.)
2. In the right pane, click the Events tab.
3. Right-click an event triggered by a device you want to exclude from a particular type
of alert.