TMS zl Management and Configuration Guide ST.1.0.090213

Intrusion Detection and Prevention
Threat Detection and Prevention
Figure 6-17. Ping Scan, Inactive Device or Filter
If the host is inactive or the firewall does not let ICMP packets pass through,
the host does not return a packet.
Figure 6-18. Ping Scan, Active Device and No Filter
If the host is active and the firewall permits ICMP packets, the host returns
an ICMP Echo Reply.
Protocol Anomaly Detection
Protocol anomaly detection looks for irregularities in protocol payloads as
they pass through the network. Protocol anomalies target an application, so
the attack indicators are hidden in the packet payload. Detecting them
requires buffering the packets, decoding the protocol, and maintaining some
basic state about a given flow, such as open, authenticated, and so on.
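
The three steps named above (buffering, protocol decoding, per-flow state) are sketched below as an added example; it is not TMS zl code and does not describe how the module's engine is implemented. The choice of the FTP control channel, the 512-byte limit, the verb lists and every name in the block are assumptions made for illustration.

```python
# Added illustration: toy FTP control-channel checker (assumed protocol), not TMS zl code.
from dataclasses import dataclass, field

MAX_LINE = 512                                        # assumed command-length limit
PRE_AUTH = {"USER", "PASS", "QUIT", "FEAT", "AUTH"}   # verbs allowed before login
KNOWN = PRE_AUTH | {"LIST", "RETR", "STOR", "CWD", "PWD", "TYPE", "PASV", "PORT"}

@dataclass
class Flow:
    state: str = "open"     # open -> user_sent -> authenticated
    buf: bytes = b""        # bytes received but not yet ended by CRLF
    skip: bool = False      # True while discarding the tail of an oversized line
    alerts: list = field(default_factory=list)

class FtpAnomalyDetector:
    def __init__(self):
        self.flows = {}     # flow key (for example the 5-tuple) -> Flow

    def feed(self, key, payload):
        # Buffer one client-to-server segment, then decode every complete line.
        flow = self.flows.setdefault(key, Flow())
        flow.buf += payload
        while b"\r\n" in flow.buf:
            line, flow.buf = flow.buf.split(b"\r\n", 1)
            if flow.skip:
                flow.skip = False
            else:
                self._decode(flow, line)
        if len(flow.buf) > MAX_LINE:            # still no CRLF: stop buffering
            if not flow.skip:
                flow.alerts.append("overlong command line")
            flow.buf, flow.skip = b"", True
        return flow.alerts

    def _decode(self, flow, line):
        verb = line.split(b" ", 1)[0].decode("ascii", "replace").upper()
        if len(line) > MAX_LINE:
            flow.alerts.append("overlong command line")
        elif any(b < 0x20 or b > 0x7E for b in line):
            flow.alerts.append("non-printable bytes in command")
        elif verb not in KNOWN:
            flow.alerts.append(f"unknown command {verb}")
        elif flow.state != "authenticated" and verb not in PRE_AUTH:
            flow.alerts.append(f"{verb} before authentication")
        elif verb == "USER":
            flow.state = "user_sent"
        elif verb == "PASS" and flow.state == "user_sent":
            flow.state = "authenticated"        # simplification: server reply not checked
```

Calling `feed(key, payload)` once per client-to-server segment returns the alerts accumulated for that flow, so a command split across segments is judged only after it has been reassembled.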