Manualshelf

HP ProCurve Threat Management Solution Implementation Guide 2009-05

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
61626364656667686970
2-49
HP ProCurve Network Immunity Manager Standalone Solution
Step 4: Analyze Events
Event Log. To view the event log, complete the following:
1. In the PCM+ navigation tree, select a group or device. The selected object’s window is
displayed.
2. Click the Events tab. The event log is displayed.
3. Click an event in the list to see the event details in the Event Details box below the event
list. (These details include additional information about the offender and the threat,
including—if you are using IDM—the offender’s user name.) Use the filters above the event
list to filter the events reported in the list. For instance, enter “NBAD” in the Source text
box to see only NBAD events, or use the slider at the right to see only Major and Critical
events.
Security Activity. To view the Security Activity window, complete the following steps:
1. In the navigation tree, select a device or group.
2. Click the Security Activity tab.
3. Choose a security activity type by clicking the Alerts, Actions, or Offenders tab.
4. Optionally, use the filters to display certain information.
5. Optionally, right-click lines in the table to see more detailed information. (To get back to
the top level, click the device or group in the left navigation panel.)
Policy History. To view the Policy History, complete the following steps:
1. Open Policy Manager by completing one of the following:
Click Tools > Policy Manager.
or
•Click the Policy Manager icon in the toolbar.
2. In the navigation tree, select Policies. The Manage Policies window is displayed.
3. In the Manage Policies window, click the History tab.
a. You can also access the policy history by clicking a device or group in the left navigation
panel, clicking the Policy Activity tab, and then clicking the History tab.
4. Click an event in the list to see its details in the box below.
IDM Users Window. You can also check the IDM Users window to check details about
offenders. To view these details, complete the following steps:
1. Click the Identity tab at the bottom of the navigation tree.
2. Click Identity Management Home > Realms > <Realm> Default Access Policy Group.
3. Click the Users tab.
4. Right-click a specific user and select Show Mitigation.