TMS zl Module Planning and Implementation Guide 2009-08
Table Of Contents
- Contents
- Glossary of Acronyms and Abbreviations
- 1.0 Purpose
- 2.0 Intended Audience
- 3.0 Objectives
- 4.0 Prerequisites
- 5.0 Skills
- 6.0 The HP ProCurve Threat Management Services zl Module
- 7.0 Common TMS Security Control Points
- 8.0 Deployment Considerations
- 9.0 Installation and Preparation of the TMS zl Module
- 10.0 Configuration of the TMS zl Module
- 11.0 Using multiple HP ProCurve Threat Management Services zl Modules
- Appendix A – Additional References
- Appendix B – Sample Company Information Assets Spreadsheet
- Sample “Information Assets” tab (See Embedded “Company Information Assets” Microsoft Excel 2003 spreadsheet)
- “Server Network Details” tab (See Embedded “Company Information Assets” Microsoft Excel 2003 spreadsheet)
- “TMS Zones” tab (See Embedded “Company Information Assets” Microsoft Excel 2003 spreadsheet)
- “Firewall Rules” tab (See Embedded “Company Information Assets” Microsoft Excel 2003 spreadsheet)
- /Sample “Company Information Assets” Microsoft Excel 2003 spreadsheet
- Appendix C – Information Gathering Tools
- Appendix D - Updating Switch Software
- Appendix E – Emergency Recovery Process
Page 37
8.0 Deployment Considerations
8.1 Overview
To develop the specific configuration requirements to implement the TMS zl Module to
secure a customer’s network, some level of a company security policy is required. Since
situations will arise where existing security policies may be non-existent or not extensive
enough, this section will provide basic guidelines to assist in creating a set of rules that
will be used to develop a security design to be implemented on the TMS zl Module.
These rules will be the net result of actual business requirements placed on the network
infrastructure to achieve the desired data protection.
The primary goal of a security policy is to define rules and mechanisms to identify and
prevent the potential misuse of, or compromise of the integrity of organizational data,
networks or computer systems. In addition, it should define policies and procedures that
protect the reputation of the organization by fulfilling legal and ethical responsibilities
with regards to the IT Infrastructure, including systems, company networks and
connectivity to outside networks.
The following are additional considerations to review with customer IT management:
• It should be noted that open communication with the customer IT staff is critical to
ensure they have a proper grasp of specifically what will be secured as part of the
TMS zl Module deployment as they will have the ownership of maintaining this
solution after implementation.
• It is ultimately the responsibility of the IT staff to develop proper ongoing
monitoring, alerting, assessment, end-user education and control processes to ensure
that sensitive information is being protected appropriately. A monitoring solution
should be implemented to allow for logging and alerting of key activities that relate
to protecting the network. Minimum suggested events to capture should include
date and time of all logon attempts, logon failures, successful logon and logoff, and
may include system startup and change activities.
• A separate logging server should be used to capture syslog events from the TMS zl
Module. This will provide for proper visibility of important events and also provide
historical information needed in the occurrence of a security event. A certain date
range of logs may also be required to comply with certain regulations. HP
ProCurve Manager Plus (PCM+) with Network Immunity Manager (NIM) can
provide this capability along with the ability to perform GUI management of one or
many TMS zl Modules.
• Although it is outside the scope of the responsibilities of this implementation, if a
comprehensive security policy does not exist, it should be stressed that it is very
important for their organization to have such a written IT security policy. The
policy should be of sufficient detail to provide a foundation for defining the required
components to allow for proper security design and enforcement.
• Beyond the technical portion of the security policy addressed by the TMS zl
Module, it should also be noted that a proper security solution does not rely on only
one method of protection, such as a network device (technology). To be truly