Glossary

virus

Hidden, self-replicating section of computer software, usually malicious logic, that propagates by infecting—that is, inserting a copy of itself into and becoming part of—another program. A virus cannot run by itself; it requires that its host program be run to make the virus active.

virus update

A signature update specifically addressing viruses.

VLAN

Virtual Local Area Network. Group of devices on one or more LANs that are configured (using management software) so that they can communicate as if they were attached to the same wire, when in fact they are located on a number of different LAN segments. Because VLANs are based on logical instead of physical connections, they are extremely flexible.

VTP

VLAN Trunking Protocol. Cisco Layer 2 messaging protocol that manages the addition, deletion, and renaming of VLANs on a network-wide basis.

VMS

CiscoWorks VPN/Security Management Solution. A suite of network security applications that combines web-based tools for configuring, monitoring, and troubleshooting enterprise VPN, firewalls, network intrusion detection systems and host-based intrusion prevention systems.

VoIP

Voice over IP. The capability to carry normal telephony-style voice over an IP-based internet with POTS-like functionality, reliability, and voice quality. VoIP enables a router to carry voice traffic (for example, telephone calls and faxes) over an IP network. In VoIP, the DSP segments the voice signal into frames, which then are coupled in groups of two and stored in voice packets. These voice packets are transported using IP in compliance with ITU-T specification H.323.

VPN

Virtual Private Network(ing). Enables IP traffic to travel securely over a public TCP/IP network by encrypting all traffic from one network to another. A VPN uses “tunneling” to encrypt all information at the IP level.

VTP

VLAN Trunking Protocol. A Cisco Layer 2 messaging protocol that manages the addition, deletion, and renaming of VLANs on a network-wide basis.

vulnerability

One or more attributes of a computer or a network that permit a subject to initiate patterns of misuse on that computer or network.

W

WAN

wide-area network. Data communications network that serves users across a broad geographic area and often uses transmission devices provided by common carriers. Frame Relay, SMDS, and X.25 are examples of WANs.

watch list rating

WLR. A weight associated with the CSA MC watch list in the range of 0 to 100 (CSA MC only uses the range 0 to 35).

Web Server

A component of the IPS. Waits for remote HTTP client requests and calls the appropriate servlet application.

WHOIS

A TCP-based query/response protocol used for querying an official database to determine the owner of a domain name or an IP address.

 

Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1

OL-24002-01

IPS4520K9 specifications

Cisco Systems has long been a leading player in network security, and its IPS (Intrusion Prevention System) series is a testament to its commitment to safeguarding digital environments. Among its notable offerings are the IPS4510K9 and IPS4520K9 models, both designed to provide advanced threat protection for mid-sized to large enterprise networks.

The Cisco IPS4510K9 and IPS4520K9 are distinguished by their cutting-edge features that help organizations defend against a myriad of cyber threats. These systems utilize a multi-layered approach to security, integrating intrusion prevention, advanced malware protection, and comprehensive visibility across the network.

One of the primary characteristics of the IPS4510K9 is its high performance. It boasts a throughput of up to 1 Gbps, making it suitable for environments that demand rapid data processing and real-time responses to threats. The IPS4520K9, on the other hand, enhances that capability with improved throughput of up to 2 Gbps, accommodating larger enterprises with heavier network traffic. These models are equipped with powerful processors that support complex signature matching and can intelligently distinguish between legitimate traffic and potential threats.

In addition to performance, both models are designed with scalability in mind. They can be easily integrated into existing Cisco infrastructures. This facilitates a seamless enhancement of security without causing significant interruptions to ongoing operations. Moreover, they offer flexible deployment options, allowing organizations to operate them inline or out of band depending on their specific needs.

The Cisco IPS4510K9 and IPS4520K9 leverage advanced detection technologies, utilizing a variety of signature types and heuristic analysis to detect known and unknown threats effectively. They are equipped with real-time alerting and reporting capabilities, giving security teams immediate visibility into potential breaches and enabling them to respond swiftly.

Furthermore, both models support a range of management options through the Cisco Security Manager, allowing for centralized administration, streamlined policy management, and enhanced monitoring capabilities. Automated updates ensure the systems remain current with the latest threat intelligence, vital for staying ahead of evolving cyber threats.

In summary, the Cisco Systems IPS4510K9 and IPS4520K9 represent powerful solutions for organizations seeking robust intrusion prevention capabilities. With their high performance, scalability, and advanced detection technologies, these systems are essential tools in the ever-changing landscape of cybersecurity, providing enterprises with the peace of mind needed to operate securely in today's digital world.