Version 5.2 Sourcefire 3D System User Guide 272
logical interface
to
mobile device
Glossary
logical interface A virtual subinterface that you define to handle traffic with specific VLAN tags as
the tagged traffic passes through a physical interface.
malware blocking A component of Sourcefire’s network-based advanced malware protection (AMP)
solution. After malware detection yields a malware disposition for a detected file,
you can either block the file or allows its upload or download. Compare this
functionality with FireAMP, Sourcefire’s endpoint-based AMP tool that requires a
FireAMP subscription.
malware cloud lookup A process by which the Defense Center communicates with the Sourcefire cloud
to determine the malware disposition of a file detected in network traffic, based
on the file’s SHA-256 hash value.
malware detection A component of Sourcefire’s network-based advanced malware protection (AMP)
solution. File policies applied to managed devices as part of your overall access
control configuration inspect network traffic. The Defense Center then performs
malware cloud lookups for specific detected file types, and generates events that
alert you to the files’ malware dispositions. AMP malware blocking follows and
either blocks the file or allows its upload or download. Compare this functionality
with FireAMP, Sourcefire’s endpoint-based AMP tool that requires a FireAMP
subscription.
malware event An event generated by one of Sourcefire’s advanced malware protection
solutions. Network-based malware events are generated when the Sourcefire
cloud returns a malware disposition for a file detected in network traffic;
retrospective malware events are generated when that disposition changes.
Compare with endpoint-based malware events, which are generated when a
deployed FireAMP Connector detects a threat, blocks malware execution, or
quarantines or fails to quarantine malware.
Malware license A license that allows you to perform advanced malware protection (AMP) in
network traffic. Using a file policy, you can configure the system to perform
malware cloud lookups on specific file types detected by managed devices.
Compare with FireAMP subscription.
malware protection See advanced malware protection.
managed device See device.
management
interface
The network interface that you use to administer a Sourcefire 3D System
appliance. In most deployments, the management interface is connected to an
internal protected network. Compare with
sensing interface.
mobile device In the Sourcefire 3D System, a host identified by the discovery feature as a
mobile, handheld device (such as a mobile phone or tablet). The system can often
detect whether a mobile device is jailbroken.
To Next Page
Loading...