Version 5.2 Sourcefire 3D System User Guide 273
monitor
to
physical interface
Glossary
monitor In an access control policy, a way to log traffic that matches a Security
Intelligence blacklist or access control rule, but allows the system to continue to
evaluate the traffic rather than immediately allowing or blocking it.
NAT Network address translation, a feature most commonly used to share a single
internet connection among multiple hosts on a private network. Using discovery,
the system can identify network devices as logical interfaces. In addition, in a
Layer 3 deployment of the Sourcefire 3D System, you can configure routing with
NAT using a NAT policy.
NAT policy A policy that uses NAT rules to perform routing with NAT.
NetMod A module that you install in the chassis of a managed device that contains the
sensing interfaces for that device.
network device In the Sourcefire 3D System, a host identified as a bridge, router, NAT device, or
logical interface.
network discovery See discovery.
network discovery
policy
A policy that specifies the kinds of discovery policy (including host, user, and
application data) the system collects for specific network segments, including
networks monitored by NetMod-enabled devices. The network discovery policy
also manages import resolution preferences and active detection source
priorities.
network file trajectory A visual representation of a file’s path as hosts transfer it across your network.
For any file with an associated SHA-256 hash value, the trajectory map displays
the IP addresses of all hosts that have transferred the file, the time the file was
detected, the file’s malware disposition, associated file events and malware
events, and so on.
network map A detailed representation of your network. The network map allows you to view
your network topology in terms of the hosts, mobile devices, and network
devices running on your network, as well as their associated host attributes,
application protocols, and vulnerabilities.
non-bypass mode A characteristic of an inline set that blocks traffic if the
sensing interfaces in the
set fail for any reason.
passive detection The collection of discovery policy through analysis of traffic passively collected by
managed devices. Compare with active detection.
passive interface A sensing interface configured to analyze traffic in a passive deployment.
physical interface An interface that represents a physical port on a NetMod.
To Next Page
Loading...