Implementing business policies – HP Transcend Traffix Manager User Manual

80

C

HAPTER

9: U

SING

E

VENT

R

ULES

Implementing

Business Policies

Some organizations and network administrators have specific policies
about how the network can be used, in general or at different times of
day. Detect Network Misuse and Detect Unauthorized Machine Access
event rules are powerful tools for detecting behavior that does not
conform to such policies.

You might require that most of your network bandwidth is available for
backups at night. You could configure a Detect Network Misuse event
rule to spot significant traffic during the night which is not backup traffic.

You might also require that bandwidth be available on certain links for
certain activities at certain times of day. For example, you could use a
Detect Network Misuse event rule to spot Web traffic on a WAN link
during working hours.

You can create Detect Unauthorized Machine Access event rules to check
that only authorized devices access important machines at critical times,
for example, during backup.

As all rules have a time filter, you can configure event rules that only
apply at certain times of day. For example, you could configure a Monitor
Critical Devices event rule to generate an event if the behavior of your
backup server changes significantly during the night.