HP ProCurve Threat Management Solution Implementation Guide 2009-05

4-70
HP ProCurve Network Immunity Manager with HP ProCurve Security Devices
Step 2: Detect Threats
Subtask: Synchronize TMS Properties. If you want to ensure that PCM+/NIM has the
latest configuration information from your TMS zl Module, you can synchronize the TMS
properties. To do so, complete the following steps:
1. In the PCM+ navigation tree, right-click the TMS zl Module.
2. In the menu that is displayed, click TMS-Synchronize Properties. The Synchronize TMS
Properties window is displayed.
Figure 4-49. PCM+ Synchronize TMS Properties Window
3. Select the properties you want to synchronize. When the module is operating in monitor
mode, select IPS, IPS Signatures, and IP Settings.
4. Click OK. A progress window is displayed, reporting the success or failure of the
synchronization. It might take a while for the synchronization to be completed.
5. Click Summary to view the details of the synchronization or click Close.
Task: Configure ProCurve Security Devices Alerts
In the last task in Step 1, you made a list of security events that occurred on your network.
Now you will set up alerts that correspond to those events. These alerts will allow you to detect
security events, and in the next step (“Step 3: Respond to Threats” on page 4-78), you will use
these alerts to trigger responses to the events. (For a detailed description of the relationship
between events and alerts, see the HP ProCurve Threat Management Solution Design Guide.)
PCM+ recognizes the following types of alerts:
ProCurve NBAD Services Alerts—defines all alerts that the NBAD engine creates
ProCurve Wired Alerts—defines all alerts created from security-related SNMP traps that
ProCurve switches generate
ProCurve Wireless Alerts—defines all alerts created from security-related SNMP traps
that ProCurve wireless devices generate
ProCurve Security Devices Alerts—defines alerts created from SNMP traps that
ProCurve security devices, such as the TMS zl Module, generate
Non-ProCurve Security Devices Alerts—defines all security-related SNMP traps that
supported third-party devices generate