TMS zl Module Planning and Implementation Guide 2009-08
Table Of Contents
- Contents
- Glossary of Acronyms and Abbreviations
- 1.0 Purpose
- 2.0 Intended Audience
- 3.0 Objectives
- 4.0 Prerequisites
- 5.0 Skills
- 6.0 The HP ProCurve Threat Management Services zl Module
- 7.0 Common TMS Security Control Points
- 8.0 Deployment Considerations
- 9.0 Installation and Preparation of the TMS zl Module
- 10.0 Configuration of the TMS zl Module
- 11.0 Using multiple HP ProCurve Threat Management Services zl Modules
- Appendix A – Additional References
- Appendix B – Sample Company Information Assets Spreadsheet
- Sample “Information Assets” tab (See Embedded “Company Information Assets” Microsoft Excel 2003 spreadsheet)
- “Server Network Details” tab (See Embedded “Company Information Assets” Microsoft Excel 2003 spreadsheet)
- “TMS Zones” tab (See Embedded “Company Information Assets” Microsoft Excel 2003 spreadsheet)
- “Firewall Rules” tab (See Embedded “Company Information Assets” Microsoft Excel 2003 spreadsheet)
- /Sample “Company Information Assets” Microsoft Excel 2003 spreadsheet
- Appendix C – Information Gathering Tools
- Appendix D - Updating Switch Software
- Appendix E – Emergency Recovery Process
Page 29
Figure 10: Wired/Wireless Compartmentalization / Data Center / Perimeter
Security Control Point
Note: While multiple LAN switches are depicted above for visual clarity, the
above topology could be implemented via a single physical switch using separate
VLANs for each of the “clouds.”
Figure 10, above, depicts a single TMS zl Module acting as traditional perimeter
security, also as additional monolithic Data Center security, and compartmentalizing the
wireless portion of the network from the wired portion of the network.
Compartmentalizing wireless portions of the network from the wired portions of the
network is a common requirement in any industry segment subject to the requirements of
the Payment Card Industry Data Security Standard (PCI DSS), e.g. Retail and Hospitality
/ Entertainment sectors.