HP X Unified Security Platform Application Protection, attack filter package, attack traffic, Category, category settings, Classless Inter-DomainRouting (CIDR), Custom Shield Writer (CSW)

Glossary

Application Protection

Category of filter types that defend against known and unknown exploits that target applications and operating systems of workstations and servers on a network. These filters include a variety of attack protection and security policy filters. These filters detect specific recognition data to recognize an attempted attack and take specific courses of action that you define when an attempt is detected.

attack filter package

See “Digital Vaccine Package” on page 309.

attack traffic

Packets traversing a network that match at least one Application Protection (see page 308) filter.

Category

Digital Vaccine filters are organized into three main Categories based on the type of protection provided: Application Protection (see page 308), Infrastructure Protection (see page 310), and Performance Protection (see page 311). These categories are used to organize and locate filters in the LSM web application.

category settings

Category settings are used to assign global configuration settings to filters within a category. For example, a Vulnerability filter responds to attack traffic based on the category settings for the Application Protection category while a Network Equipment filter would respond based on the category settings for the Infrastructure Protection category. Users can edit individual filters within a subcategory to override the category settings for the filter. Category settings consist of the following global parameters:

•State — determines whether filters within the sub-category are enabled or disabled. If a category is disabled, all filters in the Category are disabled.

•Action Set — determines the action set that filters within a Category will execute when a filter match occurs. If the Recommended action set is configured, filters within the category are configured with the settings recommended by the Digital Vaccine team. If required, you can override the category setting on individual filters by editing the filter to define custom settings.

Classless Inter-Domain Routing (CIDR)

An address format similar to an IP address except that it is followed by a slash (/) and a specified number of bits. The number of bits indicates the significant bits in the address. In the following example, the IP source address of a packet must match all 32 bits of the IP address specified:

10.3.4.5/32

Custom Shield Writer (CSW)

An optional, stand-alone, TippingPoint application to write custom filters that can be imported for use on devices.

308X Family LSM User’s Guide V 2.5.1