Version 5.2 Sourcefire 3D System User Guide 267
correlation
to
discovery
Glossary
correlation A feature you can use to build a correlation policy that responds in real time to
threats on your network. The remediation component of correlation provides a
flexible API that allows you to create and upload your own custom remediation
modules to respond to policy violations.
custom user role A user role with specialized access privileges. Custom user roles may have any
set of menu-based and system permissions, and may be completely original or
based on a predefined user role.
dashboard A display that provides at-a-glance views of current system status, including data
about the events collected and generated by the system. To augment the
dashboards delivered with the system, you can create multiple custom
dashboards, populated with the dashboard widgets you choose. Compare with
the Context Explorer, which offers a broad, brief, and colorful picture of how your
monitored network looks and acts.
dashboard widget A small, self-contained dashboard component that provides insight into an aspect
of the Sourcefire 3D System.
database access A feature that allows read-only access to the Defense Center database by a
third-party client.
decoder A component of intrusion detection and prevention that places sniffed packets
into a format that can be understood by a preprocessor.
default action As part of an access control policy, determines how to handle traffic that does not
meet the conditions of any rule in the policy. When you apply an access control
policy that does not contain any access control rules or Security Intelligence
settings, the default policy action determines how non-fast-pathed traffic on your
network is handled. You can set the default action to block or trust traffic without
further inspection, or inspect it with a network discovery policy or intrusion policy.
Defense Center A central management point that allows you to manage devices and automatically
aggregate and correlate the events they generate.
device A fault-tolerant, purpose-built appliance available in a range of throughputs.
Depending on the licensed capabilities you enable on your devices, you can use
them to passively monitor traffic to build a comprehensive map of your network
assets, application traffic, and user activity, perform intrusion detection and
prevention, perform access control, and configure switching and routing. You
must manage devices with a Defense Center.
device clustering See clustering.
device stacking See stacking.
discovery
A component of the Sourcefire 3D System that uses managed devices to monitor
your network and provide you with a complete, persistent view of your network.
To Next Page
Loading...