Manualshelf

TMS zl Management and Configuration Guide ST.1.0.090213

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
431432433434435436437438439440
6-27
Intrusion Detection and Prevention
Configuring IDS/IPS
Backdoor
Acid Battery
Meet the Lamer
Back Orifice
•AOL Admin
Alvgus
•Ruler
Configuring IDS/IPS
When you use the TMS zl Module as an IDS, you can configure:
Protocol anomaly detection settings
Port maps
IDS signatures that are used to perform checks
Session inspection
When you use the TMS zl Module as an IPS, you can configure:
Protocol anomaly detection settings
Port maps
IPS signatures that are used to perform checks
Action that the TMS zl Module takes if threats are detected
Session inspection
Configuring Protocol Anomaly Detection
The TMS zl Module provides default settings for performing anomaly detec-
tion. You can modify these default settings as needed for your environment,
but before making such changes, you should consult the documentation for
your company’s servers to identify their limitations and capacities.
The default settings are as follows:
HTTP headers
Maximum header size—4096 bytes
Maximum line size—3072 bytes
Maximum URL line size—3072 bytes
Maximum # of lines—50 per header