HP Network Protector SDN Application Administrator Guide

ManualsBrandsHP ManualsSoftwareHP Network Protector SDN Application 250 Concurrent Clients E-LTU

DescriptionAction

For example, when a host is quarantined, all the traffic

from that host is blocked, but the host can access the IP

phone, if the IP phone server is listed in the ACL.

The application quarantines the host and sends a mail

notification to the administrator.

Quarantine and Notify

About VLAN group policies

Policies are a collection of filters or rules that provide a method for setting up security configuration

options for VLAN groups. You can create customized policies for each VLAN group based on the

requirements and the threat type for each group. Before the application allows or blocks DNS

traffic for a VLAN group, it examines the policy for the group and then examines information from

the RepDV database services feed. By default, the policies are enabled.

You can customize the policies for the groups by setting the reputation scores. You can set up

policies for each group to protect your network from the following threat types:

Table 4

MeaningThreat type

Malicious software is installed on your computer through

the internet without your knowledge and your computer is

Botnet

used to perform repetitive tasks. The tasks can include

sending out spam mails, spread malicious software, and

perform other illegal activities. When performing these

tasks the performance of your computer might slow down.

Malware is the abbreviation for malicious software.

Malware is installed on your computer without your

Malware

knowledge to disrupt your computer operation or to gather

sensitive information. The information gathered can be

used to display unsolicited advertisements or redirect

affiliate marketing revenues to the malware creator.

Misuse and abuse of the network resources. This is similar

to the peer-to-peer protocols where the network resource

Misuse and Abuse

and bandwidth are primarily used to share music and video

files.

A network worm is a standalone malware computer

program that replicates itself to spread to other computers.

Network Worm

Often, it uses a computer network to spread itself, relying

on security failures on the target computer to access it.

Unlike a computer virus, it does not need to attach itself to

an existing program.

Peer-to-peer protocols are primarily used to share music

and video files, and essentially turn a personal computer

Peer-to-peer (P2P)

into a file server which makes its resources and those of

its host network available to the peer-to-peer community.

Electronic spamming is the use of electronic messaging

systems to send unsolicited bulk messages (spam),

especially advertising, indiscriminately.

Spam

Spyware is a type of software that transmits information

without the user's knowledge or permission. Spyware may

Spyware

be the result of a virus infection or may be installed along

with other applications. Spyware often consumes vast

resources and can slow systems and, in some cases, cause

systems to become unstable or unusable.

Web Application Attackers generally look for vulnerabilities

in a network. Writing malicious code, they try to find the

Web Application Attackers

About VLAN group policies 39