Cisco Cisco Firepower Management Center 4000
Glossary
GL-37
FireSIGHT System User Guide
server banner
The first 256 bytes of the first packet detected for a
, which can provide additional information that
may help you identify the server. The system collects a server banner only once, the first time the server
is detected.
is detected.
server certificate
An encrypted certificate issued by a
that provides unalterable confirmation of the
server identity. You can request a certificate from any certificate authority and upload that custom
certificate to your appliance.
certificate to your appliance.
server identity
The
type, vendor, and version details for a
on a
.
SFP module
A small form-factor pluggable transceiver that is inserted into a network module on a 71xx Family
device. Sensing interfaces on SFP modules do not allow
device. Sensing interfaces on SFP modules do not allow
SHA-256 hash value
Sometimes abbreviated as SHA256, a 32-bit string that represents a file for which you are performing a
. The hash value is calculated using a cryptographic hash function so that files with
identical SHA-256 values are very likely to have identical contents.
shared layer
that you allow to be used by other intrusion policies. Policies using a shared
layer are updated with changes to
s and
s in the shared layer when you
commit those changes. A shared layer can be modified only in the policy that allows it to be shared; it
is read-only in policies using it.
is read-only in policies using it.
shared object rule
delivered as a binary module compiled from C source code. You can use shared object
rules to detect attacks in ways that
s cannot. You cannot modify the rule keywords and
arguments in a shared object rule; you are limited to either modifying
s used in the rule, or
modifying aspects, such as the source and destination ports and IP addresses, and saving a new instance
of the rule as a custom shared object rule. Shared object rules have a
of the rule as a custom shared object rule. Shared object rules have a
(generator ID) of 3.
SID
Signature ID (also
ID), a unique identifying number assigned to each
. When you
create a new rule or modify an existing
, it is given an SID of 1,000,000 or greater. The
SIDs for
s and standard text rules delivered with the FireSIGHT System are lower than
1,000,000. Also,
s and
s use SIDs to identify the different types of packets they
detect.
Sourcefire Software for X-Series
A software-based application built on Blue Coat’s scalable chassis-based system that provides the
capabilities of a virtual device.
capabilities of a virtual device.