Cisco Cisco Firepower Management Center 4000

Page of 1844
 
Glossary
GL-28
FireSIGHT System User Guide
 
intrusion policy
A variety of components that you can configure to inspect your network traffic for 
s and 
 violations. These components include 
s that inspect the protocol header values, 
payload content, and certain packet size characteristics; 
s commonly used in intrusion rules; a 
 configuration; 
s such as 
s and other 
detection and performance features; and 
s that allow you to generate events for 
associated preprocessor options. When your network traffic meets the conditions in an 
, you can inspect that traffic with an intrusion policy; you can also associate an intrusion policy with 
the 
intrusion rule
A set of keywords and arguments that, when applied to monitored network traffic, identify potential 
 violations, and security breaches. The system compares packets against rule 
conditions. If the packet data matches the conditions, the rule triggers and generates an 
Intrusion rules include 
layer
A complete set of 
, and 
 configurations within an 
. You can add custom 
s to the 
 or layers in your policy. A setting 
in a higher layer in an intrusion policy overrides a setting in a lower layer.
LDAP authentication
A form of 
 that verifies user credentials by comparing them to a Lightweight 
Directory Access Protocol (LDAP) directory stored on an LDAP directory server.
Lights-Out Management (LOM)
A Series 3 feature that allows you to use an out-of-band Serial over LAN (SOL) management connection 
to remotely monitor or manage 
without logging into the web interface of the appliance. You 
can perform limited tasks, such as viewing the chassis serial number or monitoring such conditions as 
fan speed and temperature.
link state propagation
An option for 
s in bypass mode that automatically brings down the second interface in a pair 
when one of the interfaces in an inline set goes down. When the downed interface comes back up, the 
second interface automatically comes back up also. In other words, if the link state of a paired interface 
changes, the link state of the other interface changes automatically to match it.
list
See 
load balancer
 that distributes traffic to optimize performance and resource use. Using 
system can identify 
logical interface
A virtual subinterface that you define to handle traffic with specific 
 tags as the tagged traffic