TMS zl Management and Configuration Guide ST.1.1.100430
6-37
Intrusion Detection and Prevention
Managing the TMS zl Module with HP Network Immunity Manager
Managing the TMS zl Module with HP
Network Immunity Manager
Multiple TMS zl Modules can be configured and managed from one central
location using HP ProCurve Manager (PCM+) and HP Network Immunity
Manager (NIM). Because the TMS zl Module can detect and mitigate threats
from both internal and external sources, the TMS zl Module is the perfect
companion to NIM. NIM provides the ability to track an internal threat to its
source, mitigating the threat at the offender’s point of connection. The TMS zl
Module provides the ability to mitigate external threats with its combined IDS/
IPS and firewall capabilities.
Figure 6-15. Logical Relationship between the TMS zl Module and NIM
Figure 6-15 shows how the IDS/IPS function on the TMS zl Module sends traps
to NIM. NIM processes the trap and responds as indicated in its alert and policy
configurations. For example, NIM might shut down the switch port to which
the device that generated the threat connects.
In addition to storing and executing policies such as these, NIM manages the
entire threat management solution.