HP TMS zl Module Security Administrator's Guide

Managing TMS zl Firewalls
Configuring Firewalls
Once communication is established between NIM and a TMS zl Module, you
can use the following NIM TMS management tools to configure a TMS zl
firewall in the order listed:
1. Named Objects (Addresses, Services, Schedules)
2. Firewall Properties
3. Firewall Zone Properties
4. Firewall Access Policies
5. NAT Policies
Multiple TMS zl Modules can also be configured simultaneously.
Configuring Named Objects
The Named Objects Wizard is used to configure named objects on a TMS zl
Module. A named object labels an object (such as one or more IP addresses)
with a meaningful name, which makes configuration easier.
For example, rather than specify the IP address of your Web server in multiple
policies, you can create an object named WebServer with the Web server’s IP
address. You can then specify the WebServer object every time that you create
a policy for controlling access to the Web server. If the IP address of the Web
server changes or you add a second Web server, you can edit the named object,
and this single change will propagate through all policies that include the
object.
Once you define a named object, you can use the same named object in firewall
access policies, NAT policies, port triggers, and VPN policies (with some
restrictions).
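The following sketch is an added example, not code from the HP guide or from NIM. It models policies that store only object names, so editing the WebServer object changes every policy that references it. The addresses, the object names other than WebServer, the first-match evaluation order and the default deny are assumptions made for the illustration.

```python
import ipaddress

# Constructed named objects; names and addresses are illustrative only.
address_objects = {
    "WebServer": ["192.0.2.10"],                      # single-entry object
    "InternalNets": ["10.1.0.0/16", "10.2.0.0/16"],   # multiple-entry object
}
service_objects = {
    "HTTP": ("tcp", 80, 80),               # protocol and single port
    "MediaPorts": ("udp", 50000, 50010),   # protocol and port range
}
# Policies hold object names, never literal addresses or ports.
policies = [
    {"action": "permit", "src": "InternalNets", "dst": "WebServer", "service": "HTTP"},
    {"action": "permit", "src": "InternalNets", "dst": "WebServer", "service": "MediaPorts"},
]

def address_matches(name, ip):
    """True if ip falls inside any entry of the named address object."""
    addr = ipaddress.ip_address(ip)
    return any(addr in ipaddress.ip_network(entry, strict=False)
               for entry in address_objects[name])

def service_matches(name, proto, port):
    """True if proto/port falls inside the named service object."""
    obj_proto, low, high = service_objects[name]
    return proto == obj_proto and low <= port <= high

def evaluate(src, dst, proto, port):
    """Assumed model: first matching policy wins, otherwise deny."""
    for pol in policies:
        if (address_matches(pol["src"], src)
                and address_matches(pol["dst"], dst)
                and service_matches(pol["service"], proto, port)):
            return pol["action"]
    return "deny"

def dangling_references():
    """List (policy index, field, name) for names with no defined object."""
    tables = (("src", address_objects), ("dst", address_objects),
              ("service", service_objects))
    return [(i, field, pol[field]) for i, pol in enumerate(policies)
            for field, table in tables if pol[field] not in table]

if __name__ == "__main__":
    print(evaluate("10.1.5.5", "192.0.2.11", "tcp", 80))   # second server unknown
    address_objects["WebServer"].append("192.0.2.11")      # one edit to the object
    print(evaluate("10.1.5.5", "192.0.2.11", "tcp", 80))   # both policies now cover it
```

Because one edit widens every policy that uses the object, reviewing which policies reference an object before changing it is as important as the edit itself.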
You can create the following types of named objects:
- Address objects, which are configured as single-entry objects or
  multiple-entry objects and can include IP addresses, domains, and
  networks or VLANs.
- Address groups, which contain multiple address objects.
- Service objects, which contain a protocol and single port (e.g., TCP
  80), or a protocol and a range of ports (e.g., UDP 50000 to 50010).
- Service groups, which contain zero or more service objects