Manualshelf

TMS zl Management and Configuration Guide ST.1.1.100430

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
71727374757677787980
1-42
Overview
IDS/IPS
Which actions are taken—Each signature or protocol anomaly is
assigned one of five severity levels:
•Critical
Severe
•Minor
•Warning
Informational
You choose the threat mitigation action for each severity level.
See “Configure IDS/IPS” on page 6-20 of Chapter 6: “Intrusion Detection and
Prevention.”
Mitigation with HP ProCurve Network Immunity Manager
TMS zl Modules can be configured to send notifications to HP ProCurve
Network Immunity Manager (NIM), which can take additional action to
mitigate network threats.
\
Figure 1-10. TMS zl Module Integration with NIM
Figure 1-10 shows how the IDS/IPS function on the TMS zl Module sends
SNMP traps to NIM. NIM processes the trap and responds as indicated in its
alert and policy configurations. For example, NIM might track the source of
the threat to its point of connection and take action there—perhaps, ordering
a switch to throttle or block the port to which the offender connects.
For more information, see “Managing the TMS zl Module with HP Network
Immunity Manager” in Chapter 6: “Intrusion Detection and Prevention.”