Manuals / HP / Computer Equipment / Software

HP Networking TopTool Products manual Switch Intrusion Log, Select Yes to Prevent Eavesdropping

Models: Networking TopTool Products

1 234

Download 234 pages 54.06 Kb

Page 198

Setting Up Security for a Device

Switch Intrusion Log

Figure 14-9. Security Policy Page for a Selected Port

If you want to configure authorized devices:

1.Select Static for the Learn Mode parameter.

2.Select the number of authorized addresses (devices) for the Address Limit parameter.

3.If you want to send SNMP traps notifying of attempted security violations, select Yes for the Send Alarm parameter.

4.Select Yes to Prevent Eavesdropping.

5.Click on the Apply Changes button.

Switch Intrusion Log

When an attempted security violation occurs on a port configured for Port

Security, the port drops the packets it receives from the unauthorized device.

Notice of Security violations

When a security violation occurs on a port configured for Port Security, the switch responds in the following ways to notify you:

■The switch sets an intrusion flag for that port. This flag remains until:

•You use either the console or web browser interface to reset the flag

•The switch is reset to its factory default.

■The web browser and console interfaces notify you of the intrusion. In the browser:

14-18

Image 198

HP Networking TopTool Products manual Switch Intrusion Log, Select Yes to Prevent Eavesdropping

Contents

HP TopTools for Hubs & Switches User Guide Page HP TopTools for Hubs & Switches User GuideApplicable Product Contents Listing Devices Configuring Polling Hardware and Software RequirementsDevice Topology Node Port Table Custom Groups Searching for Devices Locating a NodeMonitoring Network Traffic Top Conversations Inventory of End NodesQuality of Service Overview Basic OperationManaging Switches ViiiPerforming Diagnostics How to Update the Map Files Appendix aStarting HP TopTools for Hubs Switches Quick StartGetting Around in HP TopTools Quick StartViewing Your Network Devices DevicesMaps Quality of Service Using the PannerPolicies Configuration Policies Examining AlertsConfiguring and Monitoring Devices List of Networking DevicesT e Viewing Network Traffic Traffic MonitorOptimizing Your Network Network MeterTop Talkers How to Get Support Introduction Introduction to HP TopToolsTopics covered in this chapter include HP TopTools for Hubs & Switches IntroductionHP TopTools for Hubs & Switches Home Ware running and know how to use your network utilitiesNetwork Devices Features Viewing a List of DevicesHP Devices Supported Network TrafficNetwork Growth Group PoliciesSnmp HP Switches Supported J2611ALearning to Use HP TopTools HP Procurve Switches & Hubs Technical Support HP TopTools Technical Product SupportIntroduction System Requirements System RequirementsHardware and Software Requirements RequirementsSystem Requirements Discovering Your Devices Beginning DiscoveryDiscovery Status Selecting NetworksDiscovering Your Devices Networks Page of Settings for Discovery Adding Devices for DiscoveryConfiguring Discovery Settings Settings Page of Settings DiscoveryTroubleshooting Discovery Additional Community NamesInventory of Devices Interpreting the Alert Log Automatic Fault Finding AlertsThis chapter contains information on Alerts AlertsCommon Faults Fault Description, Cause and ActionsCheck for faulty cabling, transceivers, and NICs Launching the Device View Acknowledging AlertsClosing Alerts Sorting Alerts First Time Installation InformationFiltering Alerts Selecting Alert Log FiltersFiltering by Alert Severity Selecting Alert Log Filters TopologyFiltering by Alert State Filtering by DeviceSelecting Alert Log Filters Custom Groups Selecting Alert Log Filters SearchClick on the + or boxes to add or remove search criteria Configuring Action on Alerts SearchConfigure Actions on Alerts Deleting Closed Alerts Alerts Networking Devices Listing DevicesConfiguring Polling Communication from the listDevice Communication Settings SNMP/Trap Configuration Selecting Actions for DevicesDevice Topology Thresholds Dialog BoxWrite in order for your devices to be mapped Topology of Networking DevicesWhen a link has been clicked on, it is no longer blue Node Port TableCustom Groups Searching for Devices Custom GroupsSearch Networking Devices Group Policies Creating GroupsViewing the Devices in a Group Members of a groupGroup Policies Adding a Group Modifying a GroupGroup Configuration Modify Group Adding a Device to a GroupRemoving a Device from a Group Changing the Group NameConfiguring Group Policies Main Configuration PoliciesGeneral Configuration Policies Snmp System InformationAlert Configuration Policies Checking Firmware VersionsSetting Fault Sensitivity Sending Alerts to the HP TopTools Management StationRemoving Trap Receivers Advanced Switch Features Advanced Switch Features Automatic Broadcast Control ABCEnabling Broadcast Control for IP Enabling Broadcast Control for IPXAutomatic IP Gateway Configuration Internet Group Management Protocol IgmpCommunities Security Configuration PoliciesSpanning Tree Protocol Forward with High PriorityAdding a Community Security PoliciesDeleting a Community Configuring Authorized ManagersModifying a Community Adding or Deleting an Authorized ManagerViewing Your Maps Displaying MapsMap Server Settings Viewing Your MapsDefault View Automatic Map GenerationCluster Size Map StylesLaunching a Map SpacingUsing the Panner Launching the Device ViewOptions Refresh Maps SNMP/Trap ConfigurationOptions for Displaying Maps Options-LabelingLocating a Node Changing Map ViewsOptions-Legend Monitor Viewing Your Maps Using Traffic Monitor Monitoring Network TrafficTraffic Monitor Main Monitoring Network TrafficReading the Traffic Information Gauges Reading the Segment HistogramSetting Thresholds Selecting Segment Groups and SegmentsComparing Segments Across Different Medias Thresholds Window Displaying the Network Meter Who Are the Top 5 Talkers? Options ButtonTop 5 Talkers Other Top Talkers Not in Selected Minute Locating a Segment or End Node OthersTop5 View Menu Items Data sampler for this segmentTraffic Data Collector Settings Automatic Monitoring Manual MonitoringDiscovery/Topology Data Automatic is checked Removing Selected Devices Configuring Ports for Manual MonitoringAdding Ports for Manual Monitoring Remove All DevicesTraffic Data Collector Storage Settings Traffic Data StorageTraffic Data Collector Performance Troubleshooting Traffic Monitor Traffic Data Collector PerformanceConnection to Server Lost Monitoring Network Traffic Planning for Network Growth Meeting the ChallengesThis chapter includes the following topics Using Network Tools Planning with the Network Performance AdvisorPlanning for Network Growth Starting the Network Performance Advisor 10-3Creating a New Report Welcome Page for Network Performance AdvisorModifying Your Settings Report Generation Page of Network Performance AdvisorYou can only create one report at a time To cancel a report, click on the Cancel analysis buttonWorsen network performance during periods of normal use 10-6Viewing a Report Report Properties SectionSummary of Recommendations Section With Data AvailableReorganize Your Current Equipment 10-9Recommendation Details Section 10-11 Add or Upgrade Equipment How the Data is AnalyzedDividing Segments into Workgroups Traffic pattern before dividing into workgroups Traffic Pattern after Dividing into Workgroups 10-14Upgrading Segments to Faster Speed Media Converting Segments to Desktop SwitchingTop Conversations Dedicating Bandwidth to Top TalkersTop Conversations Inventory of End Nodes 10-17Controlling Data Storage When There Are No RecommendationsAdministration May not be validHow the Network Performance Advisor Collects DataUnderstanding HP Sampling 10-20 Potential Problems with Data Collection Segments Excluded from Analysis Segments that do not have Devices with Sampling CapabilitySegments not Selected for Analysis Quality of Service OverviewHP Procurve Routing Switch 6308M-SX and 6208M-SX HP Procurve Switch 8000MHP Procurve Routing Switch 9308M and 9304M Switch using the switchs web browser or console interfaceBasic Operation HP TopTools QoS operates on two levels as described below11-3 Viewing All Currently Configured QoS Policies Configuring QoS for Specific Devices IP AddressesAdding a Policy for a Specific IP Address Adding a Policy for an IP AddressConfiguring a QoS Policy for IP Type Service ToS ToS Configuration Options11-6 11-7 Differentiated ServicesSwitch Ports Outbound ToS Option ProcurveHow To Configure a ToS Policy VlanConfiguring a QoS Policy for Specific Protocols DECNet AppleTalkQoS Policy for a Specific Protocol Configuring a QoS Policy for a Specific Click on the Return button to return to the Main QoS11-12 Accessing Hub Features Device Management FeaturesAccessing Hub Features Viewing Device Identity Information12-2 Interpreting Device Status Reading the Performance GaugesPerformance Gauges for a Hub Hub Global Counters Switching Hub Global CountersGlobal Counters Gauge Attributes12-6 Counters are described in the following tableGlobal Counters Counter DescriptionConfiguring Your Device Port CountersSee the online help for information on each counter Fault Detection Hub Device ViewConfiguring IP System InformationHub IP Configuration Switching Hub IP Configuration12-10 Information is described in the following table Port ConfigurationSetting Description Port InformationBridge Enable/Disable Backup LinksConfiguring Load Balancing-Switching Hubs Backup Link ParametersParameter Description Support URL Select Technical Support12.The Support 12-1512-16 Status Overview Managing SwitchesDisplaying Switch Status This chapter has information onManaging Switches Graph AreaPort Status Alert Log AreaPort Status settings are described in the following table Port Status Settings13-4 Switch Identity Information Identity Page for HP Switch 800TConfiguring Switch Features Device ViewDevice View for the HP Procurve Switch 2424M IP Configuration Characteristics of Bootp and DhcpHelp for that device 13-9Class of Service Port Settings13-10 When it is received on the switch Using VLANs to Maximize the CoS BenefitIs, CoS enables you to 13-11Definitions Basic Operation13-12 Default Vlan as a tagged Vlan QoS Setting Outbound Port Queue OperationCoS Priority Priority Mapping Table Switch QueuesCriteria for Prioritizing Outbound Packets Tagged Vlan TopToolsSteps for Configuring CoS Priority Guidelines for Configuring CoS PrioritiesPriority Criteria and Precedence Assigning a Monitoring Port 13-16Setting Device Features Monitoring Selected Ports on a SwitchHP Procurve Stack Management 11.Configuration Page for HP 8000M as Commander of a Stack Vlan Configuration Stack Management with VLANsBenefits of Stack Management Renaming a Vlan Enabling VLANsAdding a Vlan Removing a VlanModifying Port Vlan Configuration Enabling Gvrp SecurityConfirm removal of the Vlan Support/Management URLs Support URL13-23 Management Server URL 13-24Setting Up Security for a Device Device PasswordsManager/Operator Password Combinations Setting Up Security for a DevicePassword Settings Passwords Read Write Results ProtectedFunction of Community Names Set Snmp Community Names Run Discovery again Configuring for Community NamesSelect the Additional Devices tab This improves the Discovery processHub Port Security Address Selection Send Alarm Authorized AddressEavesdrop Prevention Setting Security Policy for Selected Ports Disable Port14-9 Setting the Security Policy for Selected Ports Hub Intrusion LogSwitch Port Security Basic OperationConfiguring Port Security-Planning Port Security Control ParametersLearn Mode 14-13Configuring Authorized IP Managers 14-14Defining Authorized Management Stations Access LevelsOverview of IP Mask Operation 14-15Configuring Port Security Enter an Authorized Manager IP addressPort Security Overview Switch Intrusion Log Select Yes to Prevent EavesdroppingClick on the Apply Changes button 10.Security Violation Entries in the Alert Log Identifying the IP Address of an Intruder Keeping the Intrusion Log Current by Resetting FlagsOperating Notes for Port Security How the Intrusion Log OperatesProxy Web Servers Security Violations14-22 Performing Diagnostics Performing a Ping/Link TestRebooting a Device Performing DiagnosticsResetting a Hub to Factory Default Settings Device RebootResetting a Switch 15-4Producing a Configuration Report 15-515-6 Software Update Utility HP Procurve Switches HP Procurve Hubs Other HP SwitchesDownloading Software Starting the Software Update Utility Actions button and select Update FirmwareDownloading Software Obtaining the Software from the Web 16-3Software updates are downloaded to Accepting the Licensing AgreementScheduling the Software Update 16-5Downloading Software Alert Log Showing Successful Software Update HP Download Manager Obtaining New Software from HPDevice types Download Control Time, and click OK Make sure you leave the CD in the driveHow to Update the Map Files New software version data16-11 16-12 Verifying Device Agent Versions Appendix aAgent Firmware Versions Appendix a contains the following topicsIPX Networks Preparing Network DevicesDevice Network Addresses IP NetworksConfiguring IP Parameters Globally Assigned IP Network AddressesT e Network Bootp Server Appendix a Index Index-1Index-2 Index-3 Full Network button …Index-4 Index-5 Index-6 Index-7 Undo Last Load Balancing … 12-13 Update Discovery … Index-8