Manualshelf

HP ProCurve Threat Management Solution Implementation Guide 2009-05

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
251252253254255256257258259260
4-41
HP ProCurve Network Immunity Manager with HP ProCurve Security Devices
Step 2: Detect Threats
9. Click OK.
10. Click Save.
Subtask: Create Access Policies. If the PCM+/NIM server is not in a management access
zone, you will need to create policies to allow SNMP, SNMP traps, and SSH traffic between:
Self and the zone that contains the PCM+/NIM server
Zone that contains the PCM+/NIM server and Self
To begin configuring the access policies needed to allow communication between the PCM+/
NIM server and the TMS zl Module, complete the following steps:
1. Click Firewall > Access Policies > Unicast.
2. From the User Group list, select None. (This is the default setting.)
3. Click Add a Policy.
Figure 4-2. TMS zl Module Add Policy Window
4. For Action, select Permit Traffic.
5. For From, select the source zone. In this case, the source zone is Self.
6. For To, select the destination zone. In this case, the destination zone is the zone that
contains the PCM+/NIM server.
7. Define the Matching Criteria.
a. For Service, select SNMP.
b. For Source, accept Any Address.
c. For Destination, click Options and select Enter custom IP, IP/mask or Range. Type the IP
address of the PCM+/NIM server.
8. Select the Enable this Policy check box to enable the access policy.
9. Select the Enable IPS for this Policy check box to enable IPS to check packets on this policy.
10. Select the Enable logging on this Policy check box to log access policy activities.