Version 5.2 Sourcefire 3D System User Guide 268
Glossary
Network discovery determines the number and types of hosts (including network
devices and mobile devices) on your network, as well as information about the
operating systems, active applications, and open ports on those hosts. You can
also configure Sourcefire managed devices to monitor user activity on your
network, which allows you to identify the source of policy breaches, attacks, or
network vulnerabilities.
discovery policy See network discovery policy.
endpoint A computer or mobile device where your users install a FireAMP Connector as
part of your organization’s advanced malware protection strategy.
eStreamer A component of the Sourcefire 3D System that allows you to stream event data
from a Defense Center or managed device to external client applications.
event A collection of details about a specific occurrence that you can view in the event
viewer, using workflows. Events may represent attacks on your network, changes
in your detected network assets, violations of your organization’s security and
network use policies, and so on. The system also generates events that contain
information about the changing health status of appliances, your use of the web
interface, rule updates, and launched remediations. Finally, the system presents
certain other information as events, even though these “events” do not represent
particular occurrences. For example, you can use the event viewer to view
detailed information about detected hosts, applications, and their vulnerabilities.
event viewer A component of the system that allows you to view and manipulate events. The
event viewer uses workflows to present a broad, then a more focused event view
that contains only the events of interest to you. You can constrain the events in an
event view by drilling down through the workflow, or by using a search.
Event Streamer See eStreamer.
fast-path rule A rule that you configure at a device’s hardware level, using a limited set of
criteria, to allow traffic that does not need to be analyzed to bypass processing.
feed See Security Intelligence feed.
file control A feature that, as part of access control, allows you to specify and log the types of
files that can traverse your network.
file policy A policy that the system uses to perform file control and advanced malware
protection. Populated by file rules, a file policy is invoked by an access control rule
within an access control policy.
file trajectory See network file trajectory.
file type A specific type of file format, such as PDF, EXE, or MP3.