Manualshelf

TMS zl Management and Configuration Guide ST.1.2.100916

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
501502503504505506507508509510
6-27
Intrusion Detection and Prevention
Configure IDS/IPS
When your TMS zl Module attempts to download signatures, the HP signature
server will recognize that your module has a valid IDS/IPS signature subscrip-
tion and allow it to download the signatures.
Configure Signature Detection
This section explains how to:
Download signatures
Configure your session inspection settings
Enable and disable signatures
Configure the actions that the TMS zl Module should take if it detects a
threat (a feature that is available only with the IPS in routing mode)
Download Signatures
To download the latest signature files, follow these steps:
1. Ensure that the following settings are properly configured for the module
(see “Configure Management Access Settings” in Chapter 2: “Initial Setup
in Routing Mode” or “Initial Setup” in Chapter 3: “Initial Setup in Monitor
Mode”):
IP address and subnet mask
Default gateway
DNS server and domain suffix
2. For routing mode only, click Firewall > Access Policies > Unicast and ensure
that a unicast firewall access policy permits the download of signatures.
The policy should permit either:
TCP port 443 (https) traffic between the TMS zl Module and the
signature server (the source zone should be Self and the destination
zone the zone with the Internet connection)
Traffic between the TMS zl Module and the proxy server (if you are
using a proxy server) on the port used by your proxy server (the
source zone should be Self and the destination zone the zone in which
the Internet proxy server resides)
Create a new policy if necessary. (See “Firewall Access Policies” in
Chapter 4: “Firewall.”)
3. Click Intrusion Detection > Signatures > Download or Intrusion Prevention >
Signatures > Download.