Cisco IPS-4255-K9 - Intrusion Protection Sys 4255 Installation Manual page 382

Glossary
Intrusion Detection Application Programming Interface. Provides a simple interface between IPS
IDAPI
architecture applications. IDAPI reads and writes event data and provides a mechanism for control
transactions.
Intrusion Detection Configuration. A data format standard that defines operational messages that are
IDCONF
used to configure intrusion detection and prevention systems.
Ident protocol, specified in RFC 1413, is an Internet protocol that helps identify the user of a particular
IDENT
TCP connection.
Intrusion Detection Interchange and Operations Messages. A data format standard that defines the
IDIOM
event messages that are reported by intrusion detection systems and the operational messages that are
used to configure and control intrusion detection systems.
IPS Device Manager. A web-based application that lets you configure and manage your sensor. The
IDM
web server for IDM resides on the sensor. You can access it through Internet Explorer or Firefox web
browsers.
Intrusion Detection Message Exchange Format. The IETF Intrusion Detection Working Group draft
IDMEF
standard.
Intrusion Detection System Module. A switching module that performs intrusion detection in the
IDSM2
Catalyst 6500 series switch.
Management Center for IDS Sensors. A web-based IDS manager that can manage configurations for
IDS MC
up to 300 sensors.
IPS Manager Express. A network management application that provides system health monitoring,
IME
events monitoring, reporting, and configuration for up to ten sensors.
All packets entering or leaving the network must pass through the sensor.
inline mode
A pair of physical interfaces configured so that the sensor forwards all traffic received on one interface
inline interface
out to the other interface in the pair.
A component of the IPS. Handles bypass and physical settings and defines paired interfaces. Physical
InterfaceApp
settings are speed, duplex, and administrative state.
IDS. A security service that monitors and analyzes system events to find and provide real-time or near
intrusion detection
system real-time warning of attempts to access system resources in an unauthorized manner.
32-bit address assigned to hosts using TCP/IP. An IP address belongs to one of five classes (A, B, C,
IP address
D, or E) and is written as 4 octets separated by periods (dotted decimal format). Each address consists
of a network number, an optional subnetwork number, and a host number. The network and subnetwork
numbers together are used for routing, and the host number is used to address an individual host within
the network or subnetwork. A subnet mask is used to extract network and subnetwork information from
the IP address.
Intrusion Prevention System. A system that alerts the user to the presence of an intrusion on the network
IPS
through network traffic analysis techniques.
Describes the messages transferred over the command and control interface between IPS applications.
IPS data or message
Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.0
GL-10
OL-18504-01