TMS zl Module Planning and Implementation Guide 2009-08

10.5.2 IDS/IPS
In this section, we’ll look at the steps needed to enable IPS functionality in a customer
environment. This section assumes that the TMS zl Module was purchased with an IPS
subscription service or that a separate IPS subscription service was purchased. This
subscription service enables the download of signatures to the TMS zl Module. By
default, the TMS zl Module looks for updated signatures every four hours.
The TMS zl Module does not come with any pre-loaded signatures. Internet access must
be obtained and the signatures downloaded to the module before any IPS functionality is
operational.
Now that we have the TMS zl Module working as a firewall, we will set up IPS. As
noted, we will need Internet access to get the signatures. Our original diagram has not
changed; we are simply adding VLAN 5, which interfaces with the Internet, to show what a
typical connection to the Internet will look like. We will need the following information
to complete the next steps:
Content                                  | Value
-----------------------------------------+----------------
Default Gateway Address for VLAN         |
DNS Server(s) IP Address(es)             |
DNS Domain Suffix                        |
Proxy Server Address (IP or Hostname)    |
Proxy Server Port                        |

Table: Information needed to complete IDS/IPS configuration
Note: this process assumes that you have successfully registered for an IPS/IDS
subscription.
Figure 22