TMS zl Management and Configuration Guide ST.1.0.090213
Overview
IDS/IPS
No matter which action you choose, threats are logged locally. You can also
configure the module to forward logs about threats of a specific severity (such
as Minor and higher). You can forward logs as one or more of the following:
■ SNMP traps
■ Syslog messages
■ Email messages
See “Configuring Event Logging” in Chapter 2: “Initial Setup in Routing
Mode” and “Configuring Event Logging” in Chapter 3: “Initial Setup in
Monitor Mode.”
IDS/IPS Configuration
The TMS zl Module allows you to create your own settings for mitigating
various types of threats. You control the following parameters:
■ Which threats are detected:
• Choose which signatures to enable for signature-based detection
• Configure protocol anomaly settings, in which you specify the
allowed values for the parameters analyzed for various protocols. For
example, you can specify the maximum allowed length of a URL
request.
■ Which actions are taken—Each signature or protocol anomaly is
assigned one of five severity levels:
• Critical
• Severe
• Minor
• Warning
• Informational
You choose the threat mitigation action for each severity level.
Mitigation with HP ProCurve Network Immunity Manager
TMS zl Modules can be configured to send notifications to HP ProCurve
Network Immunity Manager (NIM), which can take action to mitigate network
threats.