HP Network Protector SDN Application Administrator Guide
6 Setting Policies
VLAN Groups
You can group VLANs into logical groups and assign policies to them. You can create custom
policies for each logical group based on the requirements of that group.
For example, in a university campus, you can create two VLAN groups. You can group all the
VLANs in the main university campus into one group and all the VLANs in the dormitory into
the other group. You can apply customized policies to manage both groups.
Creating a new VLAN group
1. Select Groups.
2. Click the icon. The Create new group page appears.
3. Enter a logical name for the group in the Group Name text box.
4. Select the VLANs that you want to group from the list of available VLANs.
5. Click the to group the VLANs.
6. To add a VLAN that is not listed, enter the VLAN number in the VLAN text box, and click Add.
7. Click Create. The group is added to the Groups view.
About general policies
You can set general policies for all the hosts in the network to manage and mitigate malicious
traffic and host name requests. General policies enable the application to detect changes in network
traffic patterns. The general policies prevent the host from acting like a botnet and being controlled
by external malicious computers. By default, the general policies are turned off.
You can set the policies for the following network traffic patterns in your system:
• Unique threat. Number of unique threats originating from a host. Unique threats include threats
matching the RepDV database and custom blacklist entries.
• DNS requests per second. Number of DNS requests originating from a host per second.
When network traffic from a host exceeds the policy limits, you can configure the application to
perform one of the following actions:
• Block. When a host breaches the general policies, the application blocks the host from sending
current and all subsequent packets. The block on the traffic ensures that the attack never reaches
its destination. You can choose to block a host to completely isolate the host from the network.
• Block and Notify. Blocks the host from sending current and all subsequent packets and sends a
mail notification to the administrator.
• Quarantine. When a host breaches the general policies, the application quarantines the host.
That is, the host is blocked from accessing any resource on the network except the hosts listed
in the ACL (Access Control List) under Policy Enforcement Settings. The host is directed to a
known safe site or the DNS is resolved to report that the domain does not exist.
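The two general-policy limits and the action taken on a breach, sketched as an added example (this is not code from HP Network Protector or from this guide). The event tuple format, the one-second sliding window, and the function name evaluate are assumptions made for illustration, and the sample traffic is constructed.

```python
from collections import defaultdict, deque

ACTIONS = {"Block", "Block and Notify", "Quarantine"}  # actions named in the guide

def evaluate(events, max_unique_threats, max_dns_per_second, action):
    """Return {host: (timestamp, breached_limit, action)} for hosts over a limit.

    events: iterable of (timestamp_seconds, host, kind, value), sorted by time.
    kind is "dns" (value = queried name) or "threat" (value = matched entry id).
    """
    if action not in ACTIONS:
        raise ValueError(f"unknown action: {action!r}")
    threats = defaultdict(set)      # host -> distinct matched entries
    dns_times = defaultdict(deque)  # host -> DNS timestamps within the last second
    verdicts = {}
    for ts, host, kind, value in events:
        if host in verdicts:
            continue  # action already applied; subsequent traffic is not counted
        breached = None
        if kind == "threat":
            threats[host].add(value)  # repeats of the same entry count once
            if len(threats[host]) > max_unique_threats:
                breached = "unique threats"
        elif kind == "dns":
            window = dns_times[host]
            window.append(ts)
            while ts - window[0] >= 1.0:  # assumed sliding one-second window
                window.popleft()
            if len(window) > max_dns_per_second:
                breached = "DNS requests per second"
        if breached:
            verdicts[host] = (ts, breached, action)
    return verdicts

# Constructed sample traffic; hosts use documentation address space.
SAMPLE_EVENTS = sorted(
    [(10.0 + i * 0.1, "192.0.2.10", "dns", f"q{i}.example") for i in range(8)]  # burst
    + [(10.0 + i, "192.0.2.20", "dns", "www.example") for i in range(8)]        # 1 per second
    + [(11.0, "192.0.2.30", "threat", "entry-A"),
       (12.0, "192.0.2.30", "threat", "entry-A"),   # duplicate, not a new unique threat
       (13.0, "192.0.2.30", "threat", "entry-B"),
       (14.0, "192.0.2.30", "threat", "entry-C")]
)

if __name__ == "__main__":
    for host, verdict in evaluate(SAMPLE_EVENTS, 2, 5, "Quarantine").items():
        print(host, verdict)
```

The host sending one DNS request per second never exceeds the limit, and the repeated match on the same entry does not raise the unique-threat count.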