Manualshelf

HP Network Protector SDN Application Administrator Guide

ManualsBrandsHP ManualsSoftwareHP Network Protector SDN Application 250 Concurrent Clients E-LTU
31323334353637383940
Table 4 (continued)
MeaningThreat type
weak points in a network security system to bypass filters
and reach data and services. These attackers seek to use
intrusion methods against areas, such as software
back-doors and poorly protected hosts and ports.
A worm is also a malicious software that spreads from one
computer to another, leaving infections as it travels. Worms
Worm
use either the network vulnerability or social engineering
to trick the user to spread. Network worms are capable of
damaging data or software and causing denial-of-service
(DoS) conditions.
Setting policies for a group
Each VLAN group is unique and requires customized rules and policies based on the requirements
and the threat type for each group.
1. To set a policy, select Policies Categories.
All the groups are listed under the Policies/Categories page.
2. Select the group to set the policy and click the icon on the toolbar.
The group page appears.
3. Click the icon to add a policy to the group.
The Create a New Policy Entry page appears.
4. Select the threat type from the Threat Type menu.
5. Set the reputation level for the host names for the selected threat type from the Reputation
Score menu.
6. Select Any option to block the user from accessing the host names originating from any country.
Or select Selection option and select the countries to block traffic from host names originating
from those countries.
7. Select one of the actions from the Action menu:
Drop: The application drops the DNS traffic when a user accesses a domain name that
is listed in the blacklist or matches the threat criteria.
Notify: The application sends out a notification to the administrator in the form of email
if a user accesses a host name that is listed in the blacklist or matches the threat criteria.
The event is logged in the application log. The application does not drop the traffic to
the domain and the user continues to access the domain.
Drop and Notify: The application sends out a notification to the administrator in the form
of email if a user accesses a domain name that is listed in the blacklist or matches the
threat criteria. The application drops the traffic to the domain.
8. Click Save to save the policy.
Setting general policies
1. Select Policies General.
The Policies/General page appears.
2. Select the policy you want to edit.
3. Click the icon to edit the general policies.
The Edit General Policies page appears.
40 Setting Policies