Version 5.2 Sourcefire 3D System User Guide 266
client
to
Control license
Glossary
client Also called a client application, an application that runs on one host and relies on
another host (a server) to perform some operation. For example, email clients
allow you to send and receive email. When the system detects that a user on a
host is using a specific client to access another host, it reports that information in
the host profile and network map, including the name and version (if available) of
the client.
client application See client.
clustering A feature that allows you to achieve redundancy of networking functionality and
configuration data between two peer Series 3 devices or stacks. Clustering
provides a single logical system for policy applies, system updates, and
registration. Compare with high availability, which allows you to configure
redundant Defense Centers.
command line
interface
A restricted text-based interface on Series 3 and virtual devices. The commands
that CLI users can run depend on the users’ assigned level of access.
configurable bypass A characteristic of an inline set that allows you to configure bypass mode.
connection A monitored session between two hosts. You can log connections detected by
managed devices in the access control policy; you configure NetMod connection
logging in the network discovery policy.
Context Explorer A page that displays detailed, interactive graphical information about your
monitored network, using intrusion, connection, file, geolocation, malware, and
discovery policy. Distinct sections present information in the form of vivid line,
bar, pie, and donut graphs, accompanied by detailed lists. You can easily create
and apply custom filters to fine-tune your analysis, and you can examine data
sections in more detail by clicking or hovering your cursor over graph areas.
Compared with a dashboard, which is highly customizable, compartmentalized,
and updates in real time, the Context Explorer is manually updated, designed to
provide broader context for its data, and has a single, consistent layout designed
for active user exploration.
context menu A pop-up menu, available on many of the pages in the web interface, that you can
use as a shortcut for accessing other features in the Sourcefire 3D System. The
contents of the menu depend on several factors, including the page you are
viewing, the specific data you are investigating, and your user role. Context menu
options include links to intrusion rule, event, and host information; various
intrusion rule settings, quick links to the Context Explorer; options to add a host to
the Security Intelligence global blacklist or global whitelist by its IPS address; and
options to add a file to the global whitelist by its SHA-256 hash value.
Control license A license that allows you to implement
user control and application control by
adding user and application conditions to access control rules. It also allows you
to configure your managed devices to perform switching and routing (including
DHCP relay and NAT), as well as clustering managed devices.
To Next Page
Loading...