Version 5.2 Sourcefire 3D System User Guide 276
security policy
to
Sourcefire VRT
Glossary
security policy An organization's guidelines for protecting its network. For example, your security
policy might forbid the use of wireless access points. A security policy may also
include an acceptable use policy (AUP), which provides employees with
guidelines of how they may use their organization’s systems.
security policy
violation
A security breach, attack, exploit, or other misuse of your network.
security zone A grouping of one or more inline, passive, switched, or routed interfaces that you
can use to manage and classify traffic flow in various policies and configurations.
The interfaces in a single zone may span multiple devices; you can also configure
multiple security zones on a single device. You must assign each interface you
configure to a security zone before it can handle traffic, and each interface can
belong to only one security zone.
sensing interface A network interface on a device that you use to monitor a network segment.
Compare with management interface.
Series 2 The second series of Sourcefire appliance models. Because of resource,
architecture, and licensing limitations, Series 2 appliances support a restricted set
of Sourcefire 3D System features. Series 2 devices include the 3D500, 3D1000,
3D2000, 3D2100, 3D2500, 3D3500, 3D4500, 3D6500, and 3D9900. Series 2
Defense Centers include the DC500, DC1000, and DC3000.
Series 3 The third series of Sourcefire appliance models. Series 3 appliances include
7000 Series and 8000 Series devices, as well as the DC750, DC1500, and
DC3500 Defense Centers.
server The server application (compare with client application) installed on a host,
identified by application protocol traffic.
SFP module A small form-factor pluggable transceiver that is inserted into a network module
on a 71xx Family device. Sensing interfaces on SFP modules do not allow
configurable bypass.
Sourcefire cloud Sometimes called cloud services, a Sourcefire-hosted external server where the
Defense Center can obtain up-to-date, relevant information including malware,
Security Intelligence, and URL filtering data. See also malware cloud lookup.
Sourcefire
Intelligence Feed
A collection of regularly updated lists of IP addresses determined by the
Sourcefire VRT to have a poor reputation. Each list in the feed represents a
specific category: open relays, known attackers, bogus IP addresses (bogon), and
so on. In an access control policy, you can blacklist any or all of the categories
using Security Intelligence. Because the intelligence feed is regularly updated,
using it ensures that the system uses up-to-date information to filter your
network traffic.
Sourcefire VRT Sourcefire’s Vulnerability Research Team.
To Next Page
Loading...