TMS zl Management and Configuration Guide ST.1.1.100430

A-78
Command-Line Reference
Global Configuration Context
ips full-inspection
By default, the TMS zl Module inspects only the first few kilobytes of
each connection in each direction. However, you can specify that every packet
in every session be inspected by the IDS/IPS. This option consumes more
system resources, but it also provides the best security effectiveness.
To configure the inspection option, enter the following command:
Syntax: ips full-inspection < enable | disable >
ips protocol-anomaly
The ips protocol-anomaly command allows you to configure settings for
HTTP, MIME, and SMTP protocol anomalies. This command is only available
when the TMS zl Module is in routing mode.
HTTP. You can set the following HTTP parameters:
Maximum header size
Maximum line size
Maximum Uniform Resource Identifier (URI) line size
Maximum number of lines
To configure HTTP protocol anomalies, enter the following command (you
can configure only one parameter at a time):
Syntax: ips protocol-anomaly http [header-size <header size> | header-line-size
<header line size> | uri-line-size <URI line size> | lines <number of lines>]
Replace <header size> with the maximum header size in bytes (100 to 5120).
Replace <header line size> with the maximum header line size in bytes (100
to 5120).
Replace <URI line size> with the maximum URI line size in bytes (1 to 3072).
Replace <number of lines> with the maximum number of lines (10 to 50).
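
The following Python sketch is an added example, not TMS zl code or output. It checks proposed values against the ranges documented above and shows which of the four HTTP limits a request would exceed. The counting rules in http_anomalies, the sample limits, and the sample requests are assumptions made for illustration; the guide does not define how the module measures each size.

```python
# Added illustration; not TMS zl code. Ranges are those documented above.
RANGES = {
    "header-size": (100, 5120),       # bytes
    "header-line-size": (100, 5120),  # bytes
    "uri-line-size": (1, 3072),       # bytes
    "lines": (10, 50),                # count
}

def validate_limits(limits):
    """Return the names of settings outside the documented ranges."""
    return [name for name, (lo, hi) in RANGES.items()
            if not lo <= limits[name] <= hi]

def http_anomalies(raw, limits):
    """Return the limits exceeded by the header block of a raw HTTP request.

    Assumed counting rules (the guide does not define them): the header
    block is everything before the first blank line, the URI line is the
    request line, and sizes exclude the CRLF terminators.
    """
    head = raw.split(b"\r\n\r\n", 1)[0]
    lines = head.split(b"\r\n")
    request_line, header_lines = lines[0], lines[1:]
    found = []
    if len(head) > limits["header-size"]:
        found.append("header-size")
    if any(len(line) > limits["header-line-size"] for line in header_lines):
        found.append("header-line-size")
    if len(request_line) > limits["uri-line-size"]:
        found.append("uri-line-size")
    if len(lines) > limits["lines"]:
        found.append("lines")
    return found

# Constructed sample values and requests.
LIMITS = {"header-size": 1024, "header-line-size": 256,
          "uri-line-size": 128, "lines": 20}
NORMAL = b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n\r\n"
LONG_URI = b"GET /" + b"A" * 300 + b" HTTP/1.1\r\nHost: www.example.com\r\n\r\n"
MANY_LINES = (b"GET / HTTP/1.1\r\n"
              + b"".join(b"X-Pad-%d: 1\r\n" % i for i in range(30)) + b"\r\n")

if __name__ == "__main__":
    for name, req in [("normal", NORMAL), ("long URI", LONG_URI),
                      ("many lines", MANY_LINES)]:
        print(name, http_anomalies(req, LIMITS))
```

Running a sample of known-good application traffic through a check like this before tightening a limit helps show whether legitimate requests would be flagged.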
MIME. You can configure the following MIME parameters:
Maximum header size
Boundaries
To configure MIME protocol anomalies, enter the following command (you
can configure only one parameter at a time):