HP ProCurve Threat Management Solution Implementation Guide 2009-05

HP ProCurve Network Immunity Manager with HP ProCurve Security Devices
Step 2: Detect Threats
c. For Destination, select one of the following:
   - Accept the default settings, Use defined objects and Any Address.
   - Select a defined address object—For Options, accept Use defined objects and then select an address object. You must configure this address object in advance.
   - Customized service—For Options, select Enter custom IP, IP/mask or IP-Range and then type an IP address or IP address range.
   Optionally, define source ports in the boxes provided.
14. Select the Enable this Policy check box to enable the access policy.
15. Select the Enable IPS for this Policy check box to enable IPS to check packets on this policy.
16. Select the Enable logging on this Policy check box to log access policy activities.
Note: Enabling logging permanently is not recommended, because policy logging is
processor intensive. Use logging for troubleshooting and testing only.
17. Optionally, in the Insert Position field, specify the priority of this access policy.
18. Click Next. A summary window is displayed, listing the configuration changes you have
entered.
19. If the changes are correct, click Next. (If not, click Back to change your configuration.)
After you approve your changes, the Applying Settings window is displayed. When the
changes have been applied, a message is displayed, telling you that the process was
successful.
20. Click Summary to view the details of what was changed or click Close.
Subtask: Configure the IPS. The TMS zl Module does not have IDS/IPS signatures when it
ships. To obtain these signatures, you must purchase a subscription and then register it on
the My ProCurve Portal (https://my.procurve.com). For more information about registering the
IDS/IPS signature subscription, see the HP ProCurve Threat Management Services zl Module
Management and Configuration Guide.
Before the TMS zl Module can download the signature files, the following must be configured
properly:
- Module IP address for a VLAN that leads to the Internet
- Default gateway
- DNS server(s) and domain name
- Firewall access policies to permit:
  - DNS traffic between Self and the zone that contains the DNS server
  - HTTPS traffic from Self to the Internet access zone or from Self to the zone where your Internet proxy resides
If the DNS server zone and the Internet access zone are management access zones, you do
not need to configure these access policies.
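The firewall prerequisites above can be checked offline against an inventory of your access policies before you attempt the download. The following is an added example, not code from HP or from this guide: the Policy model, the zone names INTERNAL, EXTERNAL and DMZ, and the first-match, default-deny evaluation are assumptions made for illustration.

```python
from dataclasses import dataclass

SELF = "Self"  # zone name the guide uses for the module itself

@dataclass(frozen=True)
class Policy:
    """One firewall access policy row (hypothetical model, not a TMS export format)."""
    src_zone: str
    dst_zone: str
    service: str          # "DNS", "HTTPS" or "Any"
    action: str           # "permit" or "deny"
    enabled: bool = True  # mirrors the "Enable this Policy" check box

def permitted(policies, src, dst, service):
    """Assumption: list order is priority order, first enabled match wins, default deny."""
    for p in policies:
        if (p.enabled and p.src_zone == src and p.dst_zone == dst
                and p.service in (service, "Any")):
            return p.action == "permit"
    return False

def missing_prereqs(policies, dns_zone, internet_zone, mgmt_zones, proxy_zone=None):
    """Return the access-policy prerequisites for signature download that are not met."""
    # Guide's rule: no policies are needed when both zones are management access zones.
    if dns_zone in mgmt_zones and internet_zone in mgmt_zones:
        return []
    # HTTPS may go to the Internet access zone or to the zone holding the proxy.
    https_zone = proxy_zone or internet_zone
    # Assumption: only the Self-initiated direction is checked for DNS.
    needed = [("DNS", dns_zone), ("HTTPS", https_zone)]
    return [f"{svc} from {SELF} to {zone}" for svc, zone in needed
            if not permitted(policies, SELF, zone, svc)]

# Constructed sample: zone names and policies are illustrative only.
SAMPLE = [
    Policy(SELF, "INTERNAL", "DNS", "permit"),
    Policy(SELF, "EXTERNAL", "HTTPS", "permit", enabled=False),  # configured but not enabled
]

if __name__ == "__main__":
    for gap in missing_prereqs(SAMPLE, "INTERNAL", "EXTERNAL", mgmt_zones=set()):
        print("missing:", gap)
```

With the constructed sample, the HTTPS policy is reported as missing because it exists but was never enabled, which is the same effect as leaving the Enable this Policy check box cleared.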
If these settings are properly configured, complete the following steps to download the
signatures:
1. In the PCM+ navigation tree, right-click the TMS zl Module.
2. In the menu that is displayed, click TMS-IPS > Signature Download.