TMS zl Management and Configuration Guide ST.1.1.100226
6-36
Intrusion Detection and Prevention
Integration with HP ProCurve Network Immunity Manager
Integration with HP ProCurve Network
Immunity Manager
TMS zl Modules can be configured and managed from one central location
using HP ProCurve Manager (PCM+) and HP ProCurve Network Immunity
Manager (NIM). Because the TMS zl Module can detect and mitigate threats
from both internal and external sources, the TMS zl Module is the perfect
companion to NIM. NIM provides the ability to track an internal threat to its
source, mitigating the threat at the offender’s point of connection. The TMS zl
Module provides the ability to mitigate external threats with its combined IDS/
IPS and firewall capabilities.
Figure 6-14. Logical Relationship between the TMS zl Module and NIM
Figure 6-14 shows how the IDS/IPS function on the TMS zl Module sends traps
to NIM. NIM processes the trap and responds as indicated in its alert and policy
configurations. For example, NIM might shut down the switch port to which
the device that generated the threat connects.
In addition to storing and executing policies such as these, NIM manages the
entire threat management solution. NIM also offers the ability to place TMS zl
Modules in HA clusters and configure the modules together.