Glossary
GL-20
Cisco Intrusion Prevention System Sensor CLI Configuration Guide for IPS 7.2
OL-29168-01
SNAP
Subnetwork Access Protocol. Internet protocol that operates between a network entity in the
subnetwork and a network entity in the end system. SNAP specifies a standard method of encapsulating
IP datagrams and ARP messages on IEEE networks. The SNAP entity in the end system makes use of
the services of the subnetwork and performs three key functions: data transfer, connection
management, and QoS selection.
sniffing interface
See sensing interface.
SNMP
Simple Network Management Protocol. Network management protoc ol used almost exclusively in
TCP/IP networks. SNMP provides a means to monitor and control network devices, and to manage
configurations, statistics collection, performance, and security.
SNMP2
SNMP Version 2. Version 2 of the network management protocol. SNMP2 supports centralized and
distributed network management strategies, and includes improvements in the SMI, protocol
operations, management architecture, and security.
software bypass
Passes traffic through the IPS system without inspection.
source address
Address of a network device that is sending data.
SPAN
Switched Port Analyzer. Feature of the Catalyst 5000 switch that extends the monitoring abilities of
existing network analyzers into a switched Ethernet environment. SPAN mirrors the traffic at one
switched segment onto a predefined SPAN port. A network analyzer attached to the SPAN port can
monitor traffic from any other Catalyst switched port.
spanning tree
Loop-free subset of a network topology.
SQL
Structured Query Language. International standard language for defining and acc essing relational
databases.
SRAM
Type of RAM that retains its contents for as long as power is supplied. SRAM does not require constant
refreshing, like DRAM.
SSH
Secure Shell. A utility that uses strong authentication and secure communications to log in to another
computer over a network.
SSL
Secure Socket Layer. Encryption technology for the Internet used to provide secure transactions, such
as the transmission of credit card numbers for e-commerce.
Stacheldraht
A DDoS tool that relies on the ICMP protocol.
State engine
Stateful searches of HTTP strings.
Statistics Processor
A processor in the IPS. Keeps track of system statistics such as packet counts and packet arrival rates.
STP
Spanning Tree Protocol. A network protocol that ensures a loop-free topology for any bridged Ethernet
local area network. STP prevents bridge loops and the broadcast radiation that results from them.
Spanning tree also allows a network design to include spare (redundant) links to provide automatic
backup paths if an active link fails without the danger of bridge loops or the need for manual
enabling/disabling of these backup links.
Stream Reassembly
Processor
A processor in the IPS. Reorders TCP streams to ensure the arrival order of the packets at the various
stream-based inspectors. It is also responsible for normalization of the TCP stream. The normalizer
engine lets you enable or disable alert and deny acti ons.