Cisco Cisco Firepower Management Center 4000
Glossary
GL-20
FireSIGHT System User Guide
drill-down page
An intermediate
page used to constrain
views. Generally, a drill-down page presents
constraints that you can select to advance to a more narrowly constrained page or a
.
drop event
generated when a
triggers. In the
, drop events are marked with
black down arrows.
drop rule
An
whose
is set to Drop and Generate Events. When a malicious packet triggers
the rule in an
, and the
you
is set to drop when inline, the system
drops the packet and generates an
).
dynamic analysis
A method of submitting
to the
for
malware analysis. The cloud runs the file in a test environment and returns a
and
to the
. From the dynamic analysis summary report, you can also
view the
dynamic analysis summary report
A summary of why the
assigned a
to a file, including
any threats discovered during
, as well as additional processes detected when running
the file in the test environment. From here, you can also view the
dynamic rule state
A intrusion
that is set for a specified period of time in response to a detected rate anomaly in
traffic matching the rule.
endpoint
A computer or mobile device where your users install a
as part of your
organization’s
strategy.
eStreamer
A component of the FireSIGHT System that allows you to stream
or
managed
to external
s.
event
A collection of details about a specific occurrence that you can view in the
, using
s. Events may represent attacks on your network, changes in your detected network assets,
violations of your organization’s security and network use policies, and so on. The system also generates
events that contain information about the changing health status of
events that contain information about the changing health status of
s, your use of the web
interface,
s, and launched
s. Finally, the system presents certain other information
as events, even though these “events” do not represent particular occurrences. For example, you can use
the event viewer to view detailed information about detected
the event viewer to view detailed information about detected
s,
s, and their
vulnerabilities.