Manualshelf

TMS zl Management and Configuration Guide ST.1.2.100916

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
1331133213331334133513361337133813391340
A-78
Command-Line Reference
Global Configuration Context
ips full-inspection
By default, the TMS zl Module inspects only the first the first few kilobytes of
each connection in each direction. However, you can specify that every packet
in every session be inspected by the IDS/IPS. This option consumes more
system resources but it also provides the best security effectiveness.
To configure the inspection option, enter the following command:
Syntax: ips full-inspection < enable | disable >
ips inspection-depth
This command allows you to control how many bytes the TMS zl Module will
inspect in:
Client-initiated traffic
Server-initiated traffic
For each type of traffic, you can set the inspection depth from 1 byte to
approximately 2 GB (2147483647 bytes).
Syntax: ips inspection-depth <client-to-server> <server-to-
client>
Replace <client-to-server> with the number of bytes you want inspected. You
can specify a number between 1 and 2147483647 (approximately 2 GB).
Specify 0 for full session inspection.
Replace <server-to-client> with the number of bytes you want inspected. You
can specify a number between 1 and 2147483647 (approximately 2 GB).
Specify 0 for full-inspection.
ips protocol-anomaly
The ips protocol-anomaly command allows you to configure settings for
HTTP, MIME, and SMTP protocol anomalies. This command is only available
when the TMS zl Module is in routing mode.
HTTP. You can set the following HTTP parameters:
Maximum header size
Maximum line size
Maximum Uniform Resource Identifier (URI) line size
Maximum number of lines