Cisco Systems IPS4510K9 , B

Glossary

GL-3

Cisco Intrusion Prevention System Sensor CLI Configuration Guide for IPS 7.2

OL-29168-01

ASDM

Adaptive Security Device Manager. A web-based application that lets you configure and manage your

adaptive security device.

ASN.1

Abstract Syntax Notation 1. Standard for data presentation.

aspect version

Version information associated with a group of IDIOM default configuration settings. For example,

Cisco Systems publishes the standard set of attack signatures as a collection of default settings with the

S aspect. The S-aspect version number is displayed after the S in the signature update package file

name. Other aspects include the Virus signature definitions in the V-aspect and IDIOM signing keys in

the key-aspect.

atomic attack

Represents exploits contained within a single packet. For example, the “ping of death” attack is a

single, abnormally large ICMP packet.

Atomic engine

There are two Atomic engines: Atomic IP inspects IP protocol packets and associated Layer-4 transport

protocols, and Atomic ARP inspects Layer-2 ARP protocol.

attack

An assault on system security that derives from an intelligent threat, that is, an intelligent act that is a

deliberate attempt (especially in the sense of method or technique) to evade security services and

violate the security policy of a system.

attack relevance

rating

ARR. A weight associated with the relevancy of the targeted OS. The attack relevance rating is a

derived value (relevant, unknown, or not relevant), which is determined at alert time. The relevant OSes

are configured per signature.

attack severity

rating

ASR. A weight associated with the severity of a successful exploit of the vulnerability. The attack

severity rating is derived from the alert severity parameter (informational, low, medium, or high) of the

signature. The attack severity rating is configured per signature and indicates how dangerous the event

detected is.

authentication

Process of verifying that a user has permission to use the system, usually by means of a password key

or certificate.

AuthenticationApp

A component of the IPS. Authorizes and authenticates users based on IP address, password, and digital

certificates.

autostate

In normal autostate mode, the Layer 3 interfaces remain up if at least one port in the VLAN remains

up. If you have appliances, such as load balancers or firewall servers that are connected to the ports in

the VLAN, you can configure these ports to be excluded from the autostate feature to make sure that

the forwarding SVI does not go down if these ports become inactive.

Anti-Virus.

backplane

The physical connection between an interface processor or card and the data buses and the power dis-

tribution buses inside a chassis.

base version

A software release that must be installed before a follow-up release, such as a service pack or signature

update, can be installed. Major and minor updates are base version releases.

benign trigger

A situation in which a signature is fired correctly, but the source of the traffic is nonmalicious.