TMS zl Management and Configuration Guide ST.1.0.090213
2-50
Initial Setup in Routing Mode
Configure Management Access
can access management interfaces, you can edit the policy to specify the
source IPs. You can configure different access settings for each zone that is
enabled for management access, and you can also restrict these settings
according to source addresses (if you do not want to allow management
access for the whole zone).
The other preconfigured policies can also be edited or deleted. See “Firewall
Access Policies” in Chapter 4: “Firewall” for instructions.
Note When you set a management-access zone, you open your module to potential
attacks from malicious users. For instructions on limiting this risk see “Pre-
venting DoS on a Management-Access Zone” in Chapter 4: “Firewall.”
Integrate with PCM+
You can manage the TMS zl Module through HP ProCure Manager Plus
(PCM+) just as you can manage any other network device.
To manage your module through PCM+, you must configure a few settings on
the TMS zl Module first:
1. Associate the PCM+ server’s VLAN with a zone, preferably a management-
access zone. (“Plan the Zones” on page 2-7.)
2. If the PCM+ server is not in a management-access zone, you should
configure firewall access policies to permit at least ICMP/Echo, SNMP,
SNMP traps, Telnet, SSH, and HTTPS traffic to the PCM+ server.
You should also create any other policies that PCM+ and the TMS zl
Module will need to communicate. Which policies these will be depends
on how you are using the devices on your network.
3. Configure SNMPv1/2c with the PCM+ server’s community names or
SNMPv3 with a management account.
For more instructions on managing the TMS zl Module through PCM+, see the
ProCurve Manager Network Administrator’s Guide, version 3 or later.
To integrate with HP ProCurve Network Immunity Manager (NIM), see “Inte-
gration with HP ProCurve Network Immunity Manager” in Chapter 6: “Intru-
sion Detection and Prevention.”