Cisco IPS-4255-K9 - Intrusion Protection Sys 4255 Installation Manual page 392

Glossary
Secure Socket Layer. Encryption technology for the Internet used to provide secure transactions, such
SSL
as the transmission of credit card numbers for e-commerce.
A DDoS tool that relies on the ICMP protocol.
Stacheldraht
Stateful searches of HTTP strings.
State engine
A processor in the IPS. Keeps track of system statistics such as packet counts and packet arrival rates.
Statistics Processor
A processor in the IPS. Reorders TCP streams to ensure the arrival order of the packets at the various
Stream Reassembly
Processor stream-based inspectors. It is also responsible for normalization of the TCP stream. The normalizer
engine lets you enable or disable alert and deny actions.
A signature engine that provides regular expression-based pattern inspection and alert functionality for
String engine
multiple transport protocols, including TCP, UDP, and ICMP.
A more granular representation of a general signature. It typically further defines a broad scope
subsignature
signature.
Refers to attaching rubber feet to the bottom of a sensor when it is installed on a flat surface. The rubber
surface mounting
feet allow proper airflow around the sensor and they also absorb vibration so that the hard-disk drive is
less impacted.
Network device that filters, forwards, and floods frames based on the destination address of each frame.
switch
The switch operates at the data link layer of the OSI model.
Denial of Service attack that sends a host more TCP SYN packets (request to synchronize sequence
SYN flood
numbers, used when opening a connection) than the protocol implementation can handle.
The full IPS application and recovery image used for reimaging an entire sensor.
system image
T
A Cisco Technical Assistance Center. There are four TACs worldwide.
TAC
Terminal Access Controller Access Control System Plus. Proprietary Cisco enhancement to Terminal
TACACS+
Access Controller Access Control System (TACACS). Provides additional support for authentication,
authorization, and accounting.
TVR. A weight associated with the perceived value of the target. Target value rating is a
target value rating
user-configurable value (zero, low, medium, high, or mission critical) that identifies the importance of
a network asset (through its IP address).
Transmission Control Protocol. Connection-oriented transport layer protocol that provides reliable
TCP
full-duplex data transmission. TCP is part of the TCP/IP protocol stack.
The TCPDUMP utility is a free network protocol analyzer for UNIX and Windows. It lets you examine
TCPDUMP
data from a live network or from a capture file on disk. You can use different options for viewing
summary and detail information for each packet. For more information, see http://www.tcpdump.org/.
Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.0
GL-20
OL-18504-01