Glossary
GL-21
Cisco Intrusion Prevention System Appliance Hardware Installation Guide for IPS 7.1
OL-24002-01
subsignature
A more granular representation of a general signature. It typically further defines a broad scope
signature.
surface mounting
Refers to attaching rubber feet to the bottom of a sensor when it is installed on a flat surface. The rubber
feet allow proper airflow around the sensor and they also absorb vibration so that the hard-disk drive is
less impacted.
switch
Network device that filters, forwards, and floods frames based on the destination address of each frame.
The switch operates at the data link layer of the OSI model.
SwitchApp
A component of the IPS. The IPS 4500 series sensors. have a built in switch that provides external
monitoring interfaces. The SwitchApp enables the InterfaceApp and sensor initialization scripts to
communicate with and control the switch.
SYN flood
Denial of Service attack that sends a host more TCP SYN packets (request to synchronize sequence
numbers, used when opening a connection) than the protocol implementation can handle.
system image
The full IPS application and recovery image used for reimaging an entire sensor.
T
TAC
A Cisco Technical Assistance Center. There are four TACs worldwide.
TACACS+
Terminal Access Controller Access Control System Plus. Proprietary Cisco enhancement to Terminal
Access Controller Access Control System (TACACS). Provides additional support for authentication,
authorization, and accounting.
target value rating
TVR. A weight associated with the perceived value of the target. Target value rating is a
user-configurable value (zero, low, medium, high, or mission critical) that identifies the importance of
a network asset (through its IP address).
TCP
Transmission Control Protocol. Connection-oriented transport layer protocol that provides reliable
full-duplex data transmission. TCP is part of the TCP/IP protocol stack.
TCPDUMP
The TCPDUMP utility is a free network protocol analyzer for UNIX and Windows. It lets you examine
data from a live network or from a capture file on disk. You can use different options for viewing
summary and detail information for each packet. For more information, see http://www.tcpdump.org/.
Telnet
Standard terminal emulation protocol in the TCP/IP protocol stack. Telnet is used for remote terminal
connection, enabling users to log in to remote systems and use resources as if they were connected to
a local system. Telnet is defined in RFC 854.
terminal server
A router with multiple, low speed, asynchronous ports that are connected to other serial devices.
Terminal servers can be used to remotely manage network equipment, including sensors.
TFN
Tribe Flood Network. A common type of DoS attack that can take advantage of forged or rapidly
changing source IP addresses to allow attackers to thwart efforts to locate or filter the attacks.
TFN2K
Tribe Flood Network 2000. A common type of DoS attack that can take advantage of forged or rapidly
changing source IP addresses to allow attackers to thwart efforts to locate or filter the attacks.
Comments to this Manuals