Manualshelf

HP ProCurve Threat Management Solution Implementation Guide 2009-05

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
71727374757677787980
3-12
HP ProCurve Network Immunity Manager with a Third-Party IDS/IPS
Step 1: Establish a Policy
7. If you do not want to monitor a particular type of event, simply clear the Enable Security
Monitoring option.
You can also configure the sensitivity of the analysis on this window. Configuring these
settings is described later in this chapter.
8. Click Close and then click OK.
Task: View Events
To view the events collected by PCM+ and NIM, complete the following steps:
1. In the PCM+ navigation tree, select an agent group, device group, or device name. (You
may need to expand a folder in the navigation tree.)
2. In the right pane, click the Events tab. Events are displayed as PCM+ and NIM collect them.
Note that the list includes all PCM+ events, not just NIM events. NIM events include NBAD
events, VirusThrottle
TM
(connection rate filtering) events, security-related SNMP traps,
and Policy Manager alerts.
Note that an Origin, or source, may not be listed for all NBAD events. If the NBAD engine
knows the source of the sFlow traffic that triggered the NBAD event, that device will be
listed as the source of the NBAD event. If not, no source will be provided.
Figure 3-9. <Device> > Events Window
To view additional event information, see the next task.