Operating Notes for Port Security | HP Networking TopTool Products

Setting Up Security for a Device

Operating Notes for Port Security

Figure 14-11.Intrusion Log with Intrusions Entered for Ports A1 and A2

How the Intrusion Log Operates

The Intrusion Log gives you a list of the 20 most recent security violation attempts, and appears in both the web browser interface and the switch console. The log shows the most recent intrusion at the top of the listing. You cannot delete Intrusion Log entries. Instead, if the log is filled when the switch detects a new intrusion, the oldest entry is dropped off the listing and the newest entry appears at the top of the listing.

Keeping the Intrusion Log Current by Resetting Flags

When a violation occurs on a port, an intrusion flag is set for that port and the violation is entered in the Intrusion Log. The switch can detect and handle subsequent intrusions on that port, but will not log another intrusion on the port until you go to the Intrusion Log and use the Reset Port Intrusion Flags button to reset the port’s intrusion flag.

Operating Notes for Port Security

Identifying the IP Address of an Intruder

The Intrusion Log lists intruders by MAC address. If you are using HP TopTools for Hubs & Switches to manage your network, you can use the HP TopTools inventory reports to link MAC addresses to their corresponding IP addresses. (Inventory reports are organized by device type; hubs, switches, servers, etc.)

14-20

Image 200

HP Networking TopTool Products manual Operating Notes for Port Security, Identifying the IP Address of an Intruder, 14-20

Contents

HP TopTools for Hubs & Switches User Guide Page HP TopTools for Hubs & Switches User Guide Applicable Product Contents Device Topology Node Port Table Listing Devices Configuring PollingHardware and Software Requirements Custom Groups Searching for Devices Locating a Node Monitoring Network Traffic Top Conversations Inventory of End Nodes Quality of Service Overview Basic Operation Managing Switches Viii Performing Diagnostics How to Update the Map Files Appendix a Starting HP TopTools for Hubs Switches Quick Start Getting Around in HP TopTools Quick Start Maps Viewing Your Network DevicesDevices Policies Quality of ServiceUsing the Panner Configuration Policies Examining Alerts Configuring and Monitoring Devices List of Networking Devices T e Viewing Network Traffic Traffic Monitor Top Talkers Optimizing Your NetworkNetwork Meter How to Get Support Topics covered in this chapter include IntroductionIntroduction to HP TopTools HP TopTools for Hubs & Switches Introduction HP TopTools for Hubs & Switches Home Ware running and know how to use your network utilities Network Devices Features Viewing a List of Devices Network Traffic Network GrowthHP Devices Supported Group Policies Snmp HP Switches Supported J2611A Learning to Use HP TopTools HP Procurve Switches & Hubs Technical Support HP TopTools Technical Product Support Introduction System Requirements Hardware and Software RequirementsSystem Requirements Requirements System Requirements Discovering Your Devices Beginning Discovery Discovering Your Devices Discovery StatusSelecting Networks Networks Page of Settings for Discovery Adding Devices for Discovery Configuring Discovery Settings Settings Page of Settings Discovery Troubleshooting Discovery Additional Community Names Inventory of Devices This chapter contains information on Interpreting the Alert Log Automatic Fault FindingAlerts Alerts Alerts Common Faults Fault Description, Cause and Actions Check for faulty cabling, transceivers, and NICs Closing Alerts Launching the Device ViewAcknowledging Alerts First Time Installation Information Filtering AlertsSorting Alerts Selecting Alert Log Filters Selecting Alert Log Filters Topology Filtering by Alert StateFiltering by Alert Severity Filtering by Device Click on the + or boxes to add or remove search criteria Selecting Alert Log Filters Custom GroupsSelecting Alert Log Filters Search Configuring Action on Alerts Search Configure Actions on Alerts Deleting Closed Alerts Alerts Networking Devices Listing Devices Configuring Polling Communication from the list Device Communication Settings SNMP/Trap Configuration Selecting Actions for Devices Device Topology Thresholds Dialog Box Write in order for your devices to be mapped Topology of Networking Devices Custom Groups When a link has been clicked on, it is no longer blueNode Port Table Searching for Devices Custom Groups Search Networking Devices Group Policies Creating Groups Group Policies Viewing the Devices in a GroupMembers of a group Adding a Group Modifying a Group Group Configuration Modify Group Adding a Device to a Group Removing a Device from a Group Changing the Group Name Configuring Group Policies Main Configuration Policies General Configuration Policies Snmp System Information Alert Configuration Policies Checking Firmware Versions Removing Trap Receivers Setting Fault SensitivitySending Alerts to the HP TopTools Management Station Advanced Switch Features Advanced Switch Features Automatic Broadcast Control ABC Enabling Broadcast Control for IP Enabling Broadcast Control for IPX Automatic IP Gateway Configuration Internet Group Management Protocol Igmp Security Configuration Policies Spanning Tree ProtocolCommunities Forward with High Priority Adding a Community Security Policies Configuring Authorized Managers Modifying a CommunityDeleting a Community Adding or Deleting an Authorized Manager Viewing Your Maps Displaying Maps Map Server Settings Viewing Your Maps Default View Automatic Map Generation Cluster Size Map Styles Launching a Map Spacing Using the Panner Launching the Device View SNMP/Trap Configuration Options for Displaying MapsOptions Refresh Maps Options-Labeling Options-Legend Locating a NodeChanging Map Views Monitor Viewing Your Maps Using Traffic Monitor Monitoring Network Traffic Traffic Monitor Main Monitoring Network Traffic Reading the Traffic Information Gauges Reading the Segment Histogram Comparing Segments Across Different Medias Setting ThresholdsSelecting Segment Groups and Segments Thresholds Window Displaying the Network Meter Who Are the Top 5 Talkers? Options Button Top 5 Talkers Other Top Talkers Not in Selected Minute Others Top5 View Menu ItemsLocating a Segment or End Node Data sampler for this segment Traffic Data Collector Settings Discovery/Topology Data Automatic is checked Automatic MonitoringManual Monitoring Configuring Ports for Manual Monitoring Adding Ports for Manual MonitoringRemoving Selected Devices Remove All Devices Traffic Data Collector Storage Settings Traffic Data Storage Traffic Data Collector Performance Troubleshooting Traffic Monitor Traffic Data Collector Performance Connection to Server Lost Monitoring Network Traffic This chapter includes the following topics Planning for Network GrowthMeeting the Challenges Planning for Network Growth Using Network ToolsPlanning with the Network Performance Advisor Starting the Network Performance Advisor 10-3 Creating a New Report Welcome Page for Network Performance Advisor Modifying Your Settings Report Generation Page of Network Performance Advisor To cancel a report, click on the Cancel analysis button Worsen network performance during periods of normal useYou can only create one report at a time 10-6 Viewing a Report Report Properties Section Summary of Recommendations Section With Data Available Reorganize Your Current Equipment 10-9 Recommendation Details Section 10-11 Dividing Segments into Workgroups Add or Upgrade EquipmentHow the Data is Analyzed Traffic pattern before dividing into workgroups Traffic Pattern after Dividing into Workgroups 10-14 Converting Segments to Desktop Switching Top ConversationsUpgrading Segments to Faster Speed Media Dedicating Bandwidth to Top Talkers Top Conversations Inventory of End Nodes 10-17 When There Are No Recommendations AdministrationControlling Data Storage May not be valid Understanding HP Sampling How the Network Performance AdvisorCollects Data 10-20 Potential Problems with Data Collection Segments not Selected for Analysis Segments Excluded from AnalysisSegments that do not have Devices with Sampling Capability Quality of Service Overview HP Procurve Switch 8000M HP Procurve Routing Switch 9308M and 9304MHP Procurve Routing Switch 6308M-SX and 6208M-SX Switch using the switchs web browser or console interface 11-3 Basic OperationHP TopTools QoS operates on two levels as described below Viewing All Currently Configured QoS Policies Configuring QoS for Specific Devices IP Addresses Adding a Policy for a Specific IP Address Adding a Policy for an IP Address 11-6 Configuring a QoS Policy for IP Type Service ToSToS Configuration Options Differentiated Services Switch Ports11-7 Outbound ToS Option Procurve How To Configure a ToS Policy Vlan Configuring a QoS Policy for Specific Protocols DECNet AppleTalk QoS Policy for a Specific Protocol Configuring a QoS Policy for a Specific Click on the Return button to return to the Main QoS 11-12 Accessing Hub Features Device Management Features 12-2 Accessing Hub FeaturesViewing Device Identity Information Interpreting Device Status Reading the Performance Gauges Performance Gauges for a Hub Switching Hub Global Counters Global CountersHub Global Counters Gauge Attributes Counters are described in the following table Global Counters12-6 Counter Description See the online help for information on each counter Configuring Your DevicePort Counters Fault Detection Hub Device View Configuring IP System Information 12-10 Hub IP ConfigurationSwitching Hub IP Configuration Port Configuration Setting DescriptionInformation is described in the following table Port Information Bridge Enable/Disable Backup Links Parameter Description Configuring Load Balancing-Switching HubsBackup Link Parameters Support URL Select Technical Support 12.The Support 12-15 12-16 Managing Switches Displaying Switch StatusStatus Overview This chapter has information on Managing Switches Graph Area Port Status Alert Log Area 13-4 Port Status settings are described in the following tablePort Status Settings Switch Identity Information Identity Page for HP Switch 800T Configuring Switch Features Device View Device View for the HP Procurve Switch 2424M IP Configuration Characteristics of Bootp and Dhcp Help for that device 13-9 13-10 Class of ServicePort Settings Using VLANs to Maximize the CoS Benefit Is, CoS enables you toWhen it is received on the switch 13-11 13-12 DefinitionsBasic Operation CoS Priority Default Vlan as a tagged VlanQoS Setting Outbound Port Queue Operation Switch Queues Criteria for Prioritizing Outbound PacketsPriority Mapping Table Tagged Vlan TopTools Priority Criteria and Precedence Steps for Configuring CoS PriorityGuidelines for Configuring CoS Priorities Assigning a Monitoring Port 13-16 Setting Device Features Monitoring Selected Ports on a Switch HP Procurve Stack Management 11.Configuration Page for HP 8000M as Commander of a Stack Benefits of Stack Management Vlan ConfigurationStack Management with VLANs Enabling VLANs Adding a VlanRenaming a Vlan Removing a Vlan Confirm removal of the Vlan Modifying Port Vlan ConfigurationEnabling Gvrp Security 13-23 Support/Management URLsSupport URL Management Server URL 13-24 Setting Up Security for a Device Device Passwords Manager/Operator Password Combinations Setting Up Security for a Device Function of Community Names Password SettingsPasswords Read Write Results Protected Set Snmp Community Names Configuring for Community Names Select the Additional Devices tabRun Discovery again This improves the Discovery process Hub Port Security Address Selection Eavesdrop Prevention Send AlarmAuthorized Address 14-9 Setting Security Policy for Selected PortsDisable Port Setting the Security Policy for Selected Ports Hub Intrusion Log Switch Port Security Basic Operation Configuring Port Security-Planning Port Security Control Parameters Learn Mode 14-13 Configuring Authorized IP Managers 14-14 Access Levels Overview of IP Mask OperationDefining Authorized Management Stations 14-15 Configuring Port Security Enter an Authorized Manager IP address Port Security Overview Click on the Apply Changes button Switch Intrusion LogSelect Yes to Prevent Eavesdropping 10.Security Violation Entries in the Alert Log Keeping the Intrusion Log Current by Resetting Flags Operating Notes for Port SecurityIdentifying the IP Address of an Intruder How the Intrusion Log Operates Proxy Web Servers Security Violations 14-22 Performing Diagnostics Performing a Ping/Link Test Rebooting a Device Performing Diagnostics Resetting a Hub to Factory Default Settings Device Reboot Resetting a Switch 15-4 Producing a Configuration Report 15-5 15-6 Downloading Software Software Update UtilityHP Procurve Switches HP Procurve Hubs Other HP Switches Downloading Software Starting the Software Update UtilityActions button and select Update Firmware Obtaining the Software from the Web 16-3 Software updates are downloaded to Accepting the Licensing Agreement Scheduling the Software Update 16-5 Downloading Software Alert Log Showing Successful Software Update Device types HP Download ManagerObtaining New Software from HP Download Control Time, and click OK Make sure you leave the CD in the drive 16-11 How to Update the Map FilesNew software version data 16-12 Appendix a Agent Firmware VersionsVerifying Device Agent Versions Appendix a contains the following topics Preparing Network Devices Device Network AddressesIPX Networks IP Networks Configuring IP Parameters Globally Assigned IP Network Addresses T e Network Bootp Server Appendix a Index Index-1 Index-2 Index-3 Full Network button … Index-4 Index-5 Index-6 Index-7 Undo Last Load Balancing … 12-13 Update Discovery … Index-8