TMS zl Module Planning and Implementation Guide 2009-08
Table Of Contents
- Contents
- Glossary of Acronyms and Abbreviations
- 1.0 Purpose
- 2.0 Intended Audience
- 3.0 Objectives
- 4.0 Prerequisites
- 5.0 Skills
- 6.0 The HP ProCurve Threat Management Services zl Module
- 7.0 Common TMS Security Control Points
- 8.0 Deployment Considerations
- 9.0 Installation and Preparation of the TMS zl Module
- 10.0 Configuration of the TMS zl Module
- 11.0 Using multiple HP ProCurve Threat Management Services zl Modules
- Appendix A – Additional References
- Appendix B – Sample Company Information Assets Spreadsheet
- Sample “Information Assets” tab (See Embedded “Company Information Assets” Microsoft Excel 2003 spreadsheet)
- “Server Network Details” tab (See Embedded “Company Information Assets” Microsoft Excel 2003 spreadsheet)
- “TMS Zones” tab (See Embedded “Company Information Assets” Microsoft Excel 2003 spreadsheet)
- “Firewall Rules” tab (See Embedded “Company Information Assets” Microsoft Excel 2003 spreadsheet)
- /Sample “Company Information Assets” Microsoft Excel 2003 spreadsheet
- Appendix C – Information Gathering Tools
- Appendix D - Updating Switch Software
- Appendix E – Emergency Recovery Process
Page 126
10.6 Monitor Mode
One of the use cases discussed in this document is using a TMS zl Module in monitor
mode to generate security metrics that drive investment strategies for security products.
In this section, we will be using two TMS zl Modules on the perimeter. The first TMS zl
Module is in routing mode and can be utilized and configured in much the same way as
we have done in our previous sections. The other TMS zl Module will be configured in
monitor mode as an Intrusion Detection System (IDS) and will be placed on the external
network. Its job will be to report on the threats that are being presented to the TMS zl
Module in routing mode.
Here we have a single 5406 chassis that is housing two TMS zl Modules – one in Slot A
and one in Slot D. The Slot A TMS zl Module will be in monitor mode while the other is
in routing mode.
In monitor mode, the two TMS zl Module’s internal ports become very important - one
port is for management and one port is for analyzing traffic.
Figure 27