TMS zl Management and Configuration Guide ST.1.1.100226
6-30
Intrusion Detection and Prevention
Configuring IDS/IPS
Resolving Problems in Downloading Signatures. If you encounter prob-
lems while downloading signatures, try the following troubleshooting tips:
1. Ensure that your IDS/IPS signature subscription is still valid.
2. If the TMS zl Module is operating in routing mode, ensure the appropriate
access policy has been added.
• For a direct connection to the Internet, you need an access policy to
permit HTTPS from the Self zone to the zone in which your Internet
connection is located.
• For a proxy connection to the Internet, you need an access policy to
permit the proxy port from the Self zone to the zone in which your
proxy server is located.
3. Ensure that the TMS zl Module can resolve tmsupdate.procurve.com.
Configure IDS/IPS Session Inspection
The IDS/IPS engine can be configured to perform either optimized session
inspection or full-session inspection. When configured for optimized session
inspection, the IDS/IPS engine will inspect a sample of the traffic for a given
session. This will increase the performance of the TMS zl Module; however,
because less traffic through the module is subject to IDS/IPS inspection, it
may reduce the detection rate of some signatures.
Conversely, configuring the TMS zl Module for full-session inspection means
that all traffic through the TMS zl Module for a given session is subject to IDS/
IPS inspection. This will increase the effectiveness of some signatures; how-
ever, the throughput of the module will be lower by comparison to optimized
session inspection.
If you have deployed the TMS zl Module in monitor mode, you should enable
full-session inspection.
Complete the following steps:
1. Click Intrusion Detection > Signatures and click the Preferences tab or click
Intrusion Prevention > Signatures and click the Preferences tab.