Manualshelf

TMS zl Management and Configuration Guide ST.1.1.100226

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
491492493494495496497498499500
6-28
Intrusion Detection and Prevention
Configuring IDS/IPS
key.) When your TMS zl Module attempts to download signatures, the Pro-
Curve signature server will recognize that your module has a valid IDS/IPS
signature subscription and allow it to download the signatures.
Configuring Signature Detection
This section explains how to:
Download signatures
Configure your session inspection settings
Enable and disable signatures
Configure the actions that the TMS zl Module should take if it detects a
threat (a feature that is available only with the IPS)
Download Signatures
To download the latest signature files, follow these steps:
1. Ensure that the following settings are properly configured for the module
(see “Configure Management Access” in Chapter 2: “Initial Setup in Rout-
ing Mode” or “Initial Setup” in Chapter 3: “Initial Setup in Monitor Mode”):
IP address and subnet mask
Default gateway
DNS server and domain suffix
2. Routing Mode Only: Click Firewall > Access Policies > Unicast. Ensure
that you have a unicast firewall access policy that either:
permits TCP port 443 (https) traffic between the TMS zl Module and
the signature server (the source zone should be Self and the destina-
tion zone the zone with the Internet connection)
if you are using a proxy server, permits traffic between the TMS zl
Module and the proxy server on the port used by your proxy server
(the source zone should be Self and the destination zone the zone in
which the Internet proxy server resides)
Create a new policy if necessary. (See “Firewall Access Policies” in
Chapter 4: “Firewall.”)
3. Click Intrusion Detection > Signatures > Download or Intrusion Prevention >
Signatures > Download.