Cisco Cisco Firepower Management Center 4000
Glossary
GL-40
FireSIGHT System User Guide
threat score
A rating of 1-100 assigned to a file as a result of submission to the
for
that measure the likelihood the file contains malware.
thresholding
See
time window
A time constraint on the
s in any event view. Different event views may have different default time
windows, depending on your user preferences. Note that not all event views can be constrained by time.
traffic profile
A profile of the traffic on your network, based on
data logged over a time span that you
specify. You can create profiles using all the traffic on a monitored network segment, or you can create
more targeted profiles. Then, you can use the
more targeted profiles. Then, you can use the
feature to detect abnormal network traffic by
evaluating new traffic against an existing profile.
transparent inline mode
An advanced
to act as a “bump in the wire” and to forward all the
network traffic it sees, regardless of its source and destination.
unidentified host
A
whose operating system cannot be identified because the system has not yet gathered enough
information about the host. Compare with
Unified file
A binary file format that the FireSIGHT System uses to log
unknown host
A
whose traffic has been analyzed by the system, but whose operating system does not match any
known
s. Compare with
URL category
A general classification for a URL, such as malware or social networking.
URL filtering
A feature that allows you to write
s that determine the traffic that can traverse your
network based on URLs requested by monitored hosts, correlated with
and
information about those URLs, which is obtained from the
by the
. You can also achieve more granular, custom control over web traffic by
specifying individual URLs or groups of URLs to allow or block.