TMS zl Module Planning and Implementation Guide 2009-08
Table Of Contents
- Contents
- Glossary of Acronyms and Abbreviations
- 1.0 Purpose
- 2.0 Intended Audience
- 3.0 Objectives
- 4.0 Prerequisites
- 5.0 Skills
- 6.0 The HP ProCurve Threat Management Services zl Module
- 7.0 Common TMS Security Control Points
- 8.0 Deployment Considerations
- 9.0 Installation and Preparation of the TMS zl Module
- 10.0 Configuration of the TMS zl Module
- 11.0 Using multiple HP ProCurve Threat Management Services zl Modules
- Appendix A – Additional References
- Appendix B – Sample Company Information Assets Spreadsheet
- Sample “Information Assets” tab (See Embedded “Company Information Assets” Microsoft Excel 2003 spreadsheet)
- “Server Network Details” tab (See Embedded “Company Information Assets” Microsoft Excel 2003 spreadsheet)
- “TMS Zones” tab (See Embedded “Company Information Assets” Microsoft Excel 2003 spreadsheet)
- “Firewall Rules” tab (See Embedded “Company Information Assets” Microsoft Excel 2003 spreadsheet)
- /Sample “Company Information Assets” Microsoft Excel 2003 spreadsheet
- Appendix C – Information Gathering Tools
- Appendix D - Updating Switch Software
- Appendix E – Emergency Recovery Process
Page 2
“Server Network Details” tab (See “Company Information Assets” Microsoft Excel 2003 spreadsheet)
“TMS Zones” tab (See “Company Information Assets” Microsoft Excel 2003 spreadsheet)
Process "Path"
(ie. C:\WINDOWS\system32\lsass.exe)
Application/Purpos e
22-Jun-09 3:45PM (PDT) CORP-ACCTG02
Windows Server
2003 Standard
10.4.20.52/16
HQ-DC01-HP8212-4, Port
D/12
dynamics.exe:2168 TCP corp-acctg02.domain.com:2712 CORP-ACCTG02:0 N/A Microsoft Dynamics
Accounting AD Group - Monday-Friday 6AM-
6PM
" " " " " " hpsmhd.exe:2168 TCP corp-acctg02.domain.com:2301 CORP-ACCTG02:0 N/A HP Systems Management Server Only
" " " " " " ismserv.exe:1860 TCP corp-acctg02:1041 localhost:ldap C:\WINDOWS\system32\inetsrv\ismserv.exe Microsoft Server Intersite Messaging Server Only
" " " " " " lsass.exe:456 UDP corp-acctg02:ipsec-msft *:* C:\WINDOWS\system32\lsass.exe Windows Local Security Authentication Server Server Only
" " " " " " javaw.exe:5524 TCP corp-acctg02:56524 corp-acctg02:0
C:\Program Files\Hewlett-
Packard\PNM\jre\bin\javaw.exe
Java support for HP Systems Management Server Only
" " " " " " javaw.exe:5524 TCP corp-acctg02:56527 localhost:3908
C:\Program Files\Hewlett-
Packard\PNM\jre\bin\javaw.exe
Java support for HP Systems Management Server Only
" " " " " " Trafficd.exe:6080 UDP corp-acct02:6343 *:*
C:\Program Files\Hewlett-
Packard\PNM\server\bin\Trafficd.exe
TrafficData Collector - HP Systems Management Server Only
Process
Protocol
Local Address
(Resolved Hostname: Port)
Remote Address
(Resolved Hostname: Port)
Notes:
User Acce ss require d or "Serve r Only"
(Who needs to communicate with this process
on this server?
Any specific time-frames required?)
Additional Information
(From TCP View properies, Process Explorer, Google, Application manuals etc.)
Server Network Details
Information Gathered on:
Server Information
From TCPView
Date
Time
Server Hostname
Serve r OS
Serve r IP
Address(es)
Physical network
connectivity
(Ie. - Switch_Hostname,
Port_Slot/Port #)
TMS Zones
Description (Types of servers,
devices, users, etc.)
Included VLANs VLAN Subnet(s)
VLAN Gateway IP
Address
VLAN Gateway
Subnet Mask
Comments
Self TMS Module Management Access N/A N/A N/A N/A
External Internet VLAN99 192.168.0.0/24 192.168.0.1 255.255.255.0
Internal All servers VLAN5-VLAN10 10.VLAN#.0.0/16 10.VLAN#.0.1 255.255.0.0
DMZ DMZ VLAN3 172.16.3.0/16 172.16.3.1 255.255.0.0
Zone1 Switch Management VLAN2 10.2.0.0/16 10.2.0.1 255.255.0.0
Zone3 Wired LAN Users VLAN20 10.20.0.0/16 10.20.0.1 255.255.0.0
Zone4 Wireless LAN Users VLAN50 10.50.0.0/16 10.50.0.1 255.255.0.0
Self TMS Module Management Access N/A N/A N/A N/A
External
Internal
DMZ
Zone1
Zone2
Zone3
Zone4
Zone5
Zone6
TMS Zones