Connection-Rate Filtering Based On Virus-Throttling Technology; Identity-Driven Management (Idm) - HP ProCurve Series 3400cl Release Notes


keys.) KMS provides specific instances of routing protocols with one or more Send or Accept keys
that must be active at the time of a request.
Refer to the chapter titled "Key Management System" in the Access Security Guide for your switch
model.

Connection-Rate Filtering Based On Virus-Throttling Technology

While not specifically a tool for controlling network access, this feature does help to protect the
network from attack and is recommended for use on the network edge. It is primarily focused on the
class of worm-like malicious code that tries to replicate itself by taking advantage of weaknesses in
network applications behind unsecured ports. In this case, the malicious code tries to create a large
number of outbound IP connections on a routed interface in a short time. Connection-Rate filtering
detects hosts generating routed traffic that exhibits this behavior, and causes the switch to
generate warning messages and (optionally) to either throttle routed traffic from the offending hosts
or drop all traffic from the offending hosts.
Refer to the chapter titled "Virus Throttling" in the Access Security Guide for your switch model.
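
The detection idea described above, as an added example that is not HP's implementation or code from the release notes: a simplified sliding-window model that counts new destinations per source and applies one of the three responses (warn only, throttle, drop all). The class and function names, the mode labels, the thresholds and the sample flow records are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

# Assumed thresholds for illustration; the switch's real sensitivity values are not given here.
WINDOW_SECONDS = 1.0      # observation window
MAX_NEW_DESTS = 5         # distinct new destinations tolerated per window
PENALTY_SECONDS = 30.0    # how long "throttle" mode drops a flagged host's traffic


class ConnectionRateFilter:
    """Flags sources that open connections to many distinct destinations quickly."""

    def __init__(self, mode="notify-only"):
        if mode not in ("notify-only", "throttle", "block"):
            raise ValueError(mode)
        self.mode = mode
        self.recent = defaultdict(deque)   # src -> deque of (timestamp, dst)
        self.penalty_until = {}            # src -> time the penalty ends (inf = blocked)
        self.warnings = []                 # (timestamp, src) log entries

    def observe(self, ts, src, dst):
        """Return 'forward' or 'drop' for one routed connection attempt."""
        if ts < self.penalty_until.get(src, 0.0):
            return "drop"
        window = self.recent[src]
        while window and ts - window[0][0] > WINDOW_SECONDS:
            window.popleft()               # expire attempts outside the window
        if all(d != dst for _, d in window):
            window.append((ts, dst))       # only new destinations count
        if len(window) <= MAX_NEW_DESTS:
            return "forward"
        self.warnings.append((ts, src))    # every mode logs a warning
        window.clear()
        if self.mode == "throttle":
            self.penalty_until[src] = ts + PENALTY_SECONDS
        elif self.mode == "block":
            self.penalty_until[src] = float("inf")
        return "forward" if self.mode == "notify-only" else "drop"


def replay(mode, flows):
    """Run constructed (ts, src, dst) flow records through a filter."""
    f = ConnectionRateFilter(mode)
    return [f.observe(*flow) for flow in flows], f.warnings


# Constructed sample: 10.0.0.9 sweeps 8 addresses in 0.8 s; 10.0.0.5 revisits one server.
SCAN = [(0.1 * i, "10.0.0.9", f"192.0.2.{i}") for i in range(1, 9)]
NORMAL = [(0.1 * i, "10.0.0.5", "192.0.2.80") for i in range(1, 9)]
LATER = [(40.0, "10.0.0.9", "192.0.2.80")]
```

Replaying `SCAN + LATER` in each mode shows the operational trade-off: warn-only never interrupts traffic, throttle recovers after the penalty expires, and block keeps the host cut off until an administrator intervenes.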

Identity-Driven Management (IDM)

IDM is a plug-in to ProCurve Manager Plus (PCM+) and uses RADIUS-based technologies to create
a user-centric approach to network access management and network activity tracking and monitoring.
IDM enables control of access security policy from a central management server, with policy
enforcement to the network edge, and protection against both external and internal threats.
Using IDM, a system administrator can configure automatic and dynamic security to operate at the
network edge when a user connects to the network. This operation enables the network to distinguish
among different users and what each is authorized to do. Guest access can also be configured without
compromising internal security. This means that users can be identified and either approved or denied
at the edge of the network instead of in the core.
Criteria for enforcing RADIUS-based security for IDM applications include classifiers such as:
authorized user identity
authorized device identity (MAC address)
software running on the device
physical location in the network
time of day
Responses can be configured to support the networking requirements, user (SNMP) community,
service needs, and access security level for a given client and device.
For more information on IDM, visit the ProCurve web site at http://www.procurve.com and click on
Products and Solutions, then Identity Driven Management (under Network Management).
Enforcing Switch Security
Network Access Security
