Cisco Cisco Firepower Management Center 4000

An interval specified in seconds, minutes, or hours after a 

 triggers during which the 

 stops firing that rule, even if the rule is violated again during the interval. When the 

snooze period has ended, the rule can trigger again (and start a new snooze period). See also 

An open source intrusion detection system that performs real-time traffic analysis and packet logging on 
IP networks. Snort can perform protocol analysis, content searching and matching, and can detect a 
variety of attacks and probes. Snort uses a flexible rules language to describe network traffic that it 
should collect or pass. The FireSIGHT System uses Snort to test packets against 

s, 

s.

A method of submitting file structural characteristics to the 

malware analysis. The results supplement 

.

Two to four connected 

s that share detection resources.

A feature that allows you to increase the amount of traffic inspected on a network segment by connecting 
two to four physical 

s in a stacked configuration. When you establish a stacked configuration, you 

combine the resources of each stacked device into a single, shared configuration.

An 

 created based on the identifiers, keywords, and arguments available in the rule editor. 

You can create your own custom standard text rules and modify Cisco-provided standard text rules. A 
standard text rule has a 

 (generator ID) of 1.

A feature that allows clustered 

s to synchronize so that if either device or stack fails, the 

peer can take over with no interruption to traffic flow. State sharing ensures that strict TCP enforcement, 
unidirectional 

s, blocking persistence, and dynamic 

 fail over properly.

A 

 that is saved to a 

’s hard drive or 

, if installed. Stored files 

can be downloaded and analyzed at a later time.

A 

 called by another server on the same host.

See