Glossary

SN

Serial Number. Part of the UDI. The SN is the serial number of your Cisco product.

SNAP

Subnetwork Access Protocol. Internet protocol that operates between a network entity in the subnetwork and a network entity in the end system. SNAP specifies a standard method of encapsulating IP datagrams and ARP messages on IEEE networks. The SNAP entity in the end system makes use of the services of the subnetwork and performs three key functions: data transfer, connection management, and QoS selection.

sniffing interface

See sensing interface.

SNMP

Simple Network Management Protocol. Network management protocol used almost exclusively in TCP/IP networks. SNMP provides a means to monitor and control network devices, and to manage configurations, statistics collection, performance, and security.

SNMP2

SNMP Version 2. Version 2 of the network management protocol. SNMP2 supports centralized and distributed network management strategies, and includes improvements in the SMI, protocol operations, management architecture, and security.

software bypass

Passes traffic through the IPS system without inspection.

source address

Address of a network device that is sending data.

SPAN

Switched Port Analyzer. Feature of the Catalyst 5000 switch that extends the monitoring abilities of existing network analyzers into a switched Ethernet environment. SPAN mirrors the traffic at one switched segment onto a predefined SPAN port. A network analyzer attached to the SPAN port can monitor traffic from any other Catalyst switched port.

spanning tree

Loop-free subset of a network topology.

SQL

Structured Query Language. International standard language for defining and accessing relational databases.

SRAM

Type of RAM that retains its contents for as long as power is supplied. SRAM does not require constant refreshing, like DRAM.

SSH

Secure Shell. A utility that uses strong authentication and secure communications to log in to another computer over a network.

SSL

Secure Socket Layer. Encryption technology for the Internet used to provide secure transactions, such as the transmission of credit card numbers for e-commerce.

Stacheldraht

A DDoS tool that relies on the ICMP protocol.

State engine

Stateful searches of HTTP strings.

Statistics Processor

A processor in the IPS. Keeps track of system statistics such as packet counts and packet arrival rates.

Stream Reassembly Processor

A processor in the IPS. Reorders TCP streams to ensure the arrival order of the packets at the various stream-based inspectors. It is also responsible for normalization of the TCP stream. The normalizer engine lets you enable or disable alert and deny actions.

String engine

A signature engine that provides regular expression-based pattern inspection and alert functionality for multiple transport protocols, including TCP, UDP, and ICMP.

 

Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1

OL-24002-01

IPS4520K9 specifications

Cisco Systems has long been a leading player in network security, and its IPS (Intrusion Prevention System) series is a testament to its commitment to safeguarding digital environments. Among its notable offerings are the IPS4510K9 and IPS4520K9 models, both designed to provide advanced threat protection for mid-sized to large enterprise networks.

The Cisco IPS4510K9 and IPS4520K9 are distinguished by their cutting-edge features that help organizations defend against a myriad of cyber threats. These systems utilize a multi-layered approach to security, integrating intrusion prevention, advanced malware protection, and comprehensive visibility across the network.

One of the primary characteristics of the IPS4510K9 is its high performance. It boasts a throughput of up to 1 Gbps, making it suitable for environments that demand rapid data processing and real-time responses to threats. The IPS4520K9, on the other hand, enhances that capability with improved throughput of up to 2 Gbps, accommodating larger enterprises with heavier network traffic. These models are equipped with powerful processors that support complex signature matching and can intelligently distinguish between legitimate traffic and potential threats.

In addition to performance, both models are designed with scalability in mind. They can be easily integrated into existing Cisco infrastructures. This facilitates a seamless enhancement of security without causing significant interruptions to ongoing operations. Moreover, they offer flexible deployment options, allowing organizations to operate them inline or out of band depending on their specific needs.

The Cisco IPS4510K9 and IPS4520K9 leverage advanced detection technologies, utilizing a variety of signature types and heuristic analysis to detect known and unknown threats effectively. They are equipped with real-time alerting and reporting capabilities, giving security teams immediate visibility into potential breaches and enabling them to respond swiftly.

Furthermore, both models support a range of management options through the Cisco Security Manager, allowing for centralized administration, streamlined policy management, and enhanced monitoring capabilities. Automated updates ensure the systems remain current with the latest threat intelligence, vital for staying ahead of evolving cyber threats.

In summary, the Cisco Systems IPS4510K9 and IPS4520K9 represent powerful solutions for organizations seeking robust intrusion prevention capabilities. With their high performance, scalability, and advanced detection technologies, these systems are essential tools in the ever-changing landscape of cybersecurity, providing enterprises with the peace of mind needed to operate securely in today's digital world.