HP ProCurve Threat Management Solution Implementation Guide 2009-05
4-31
HP ProCurve Network Immunity Manager with HP ProCurve Security Devices
Step 2: Detect Threats
Hostswitch# show services
In this installation, the index number 2 corresponds to the TMS OS. The index number
might be different if:
• HP ProCurve ONE Services zl Modules are installed in the same switch chassis
• The product running on a Services zl Module booted first
The index numbers are assigned dynamically, according to which product boots first on
the modules in the switch chassis.
2. To begin configuring the TMS zl Module, enter the product (TMS OS) context:
hostswitch(config)# services <slot_ID> 2
Replace <slot_ID> with the letter of the slot in which the module is installed.
Enter 2 to access the TMS OS.
3. Move to the module’s global configuration context:
hostswitch(tms-module-C)# configure terminal
4. Enable management access to the zone.
hostswitch(tms-module-C:config)# management zone <zone>
Replace <zone> with the zone on which you want to enable management access. In the
example network, the management workstation is in Zone 1, so the company would define
Zone 1 as a management access zone.
hostswitch(tms-module-C:config)# management zone zone1
When you enter this command, the TMS zl Module automatically creates the access policies
that you need to manage the module. Table 4-2 and Table 4-3 list the types of traffic that
these access policies allow.
Table 4-2. [Zone] to Self
Table 4-3. Self to [Zone]
5. Associate the management workstation’s VLAN with the management access zone. If the
host switch has an IP address on that TMS VLAN, include the allow switch-ip option.
hostswitch(tms-module-C:config)# vlan <VLAN_ID> zone <zone>
allow-switch-ip
Installed Services
Slot Index Description Name
C,E 1. Services zl Module services-module
C,E 2. Threat Management Services zl Module tms-module
ICMP/echo snmp
bootpc snmptrap
bootps ssh
https
bootpc ftp radius snmptrap
bootps http radius-acct ssh
dns-tcp https smtp syslog
dns-udp ICMP/echo snmp tftp