TMS zl Module Planning and Implementation Guide 2009-08
Table Of Contents
- Contents
- Glossary of Acronyms and Abbreviations
- 1.0 Purpose
- 2.0 Intended Audience
- 3.0 Objectives
- 4.0 Prerequisites
- 5.0 Skills
- 6.0 The HP ProCurve Threat Management Services zl Module
- 7.0 Common TMS Security Control Points
- 8.0 Deployment Considerations
- 9.0 Installation and Preparation of the TMS zl Module
- 10.0 Configuration of the TMS zl Module
- 11.0 Using multiple HP ProCurve Threat Management Services zl Modules
- Appendix A – Additional References
- Appendix B – Sample Company Information Assets Spreadsheet
- Sample “Information Assets” tab (See Embedded “Company Information Assets” Microsoft Excel 2003 spreadsheet)
- “Server Network Details” tab (See Embedded “Company Information Assets” Microsoft Excel 2003 spreadsheet)
- “TMS Zones” tab (See Embedded “Company Information Assets” Microsoft Excel 2003 spreadsheet)
- “Firewall Rules” tab (See Embedded “Company Information Assets” Microsoft Excel 2003 spreadsheet)
- /Sample “Company Information Assets” Microsoft Excel 2003 spreadsheet
- Appendix C – Information Gathering Tools
- Appendix D - Updating Switch Software
- Appendix E – Emergency Recovery Process
Page 32
Figure 13: Campus Compartmentalization Security Control Point(s)
The TMS zl Module, of course, doesn’t have to simultaneously fulfill all of its possible
roles. In Figure 13, above, a single TMS zl Module is acting as both traditional
perimeter security and is compartmentalizing a college campus network into the campus
administration portion, the business college portion, and the computer science college
portion where higher-risk activities such as virus and other malware research might be
conducted. In this scenario it is a prudent information security risk mitigation to add the
extra security controls of the firewall and IPS features between the higher-risk computer
science portion of the campus network and the lower-risk business activities in the
business college and campus administration portion of the campus network.