Manualshelf

TMS zl Management and Configuration Guide ST.1.0.090213

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
919293949596979899100
1-71
Overview
Feature Interaction
14. The TMS zl Module forwards the packet to the next-hop router specified
in the route to its destination IP address, tagging the frame for the
forwarding VLAN of the route.
Note that the destination IP address is the NAT destination for traffic to
which destination NAT has been applied. The destination IP address is the
destination in the delivery IP header for traffic that is part of an IPsec or
GRE tunnel.
Packet Flow in Monitor Mode
In monitor mode, the TMS zl Module acts only as an IDS. It processes traffic
as follows:
1. The TMS zl Module receives a packet on its port 1.
The module’s host switch mirrors traffic to the module’s port 1. If your
network includes other ProVision ASIC switches, which support remote
mirroring, these switches can also mirror traffic to the module’s port 1.
2. The IDS feature must be enabled (as it is by default). The TMS zl Module
checks the packet against enabled signatures and protocol anomaly
checks.
3. If the packet matches a signature or protocol anomaly, the module logs
the threat. Depending on how you have configured the log settings, the
module logs the event locally, sends a message to a syslog server, sends a
trap to an SNMP server, or sends an email.