Cisco 4215 - Intrusion Detection Sys Sensor Configuration Manual page 496

Glossary
The IPS software module that handles sensor configuration. It maps the interfaces and also the
AnalysisEngine
signature and alarm channel policy to the configured interfaces. It performs packet analysis and alert
detection.
Application Programming Interface. The means by which an application program talks to
API
communications software. Standardized APIs allow application programs to be developed
independently of the underlying method of communication. Computer application programs run a set
of standard software interrupts, calls, and data formats to initiate contact with other devices (for
example, network services, mainframe communications programs, or other program-to-program
communications). Typically, APIs make it easier for software developers to create links that an
application needs to communicate with the operating system or with the network.
Any program (process) designed to run in the Cisco IPS environment.
application
A specific application running on a specific piece of hardware in the IPS environment. An application
application instance
instance is addressable by its name and the IP address of its host computer.
The overall structure of a computer or communication system. The architecture influences the
architecture
capabilities and limitations of the system.
Address Resolution Protocol. Internet protocol used to map an IP address to a MAC address. Defined
ARP
in RFC 826.
Adaptive Security Appliance. The ASA combines firewall, VPN concentrator, and intrusion prevention
ASA
software functionality into one software image. You can configure ASA in single mode or multi-mode.
Adaptive Security Device Manager. A web-based application that lets you configure and manage your
ASDM
ASA.
Represents exploits contained within a single packet. For example, the "ping of death" attack is a
atomic attack
single, abnormally large ICMP packet.
There are two ATOMIC engines: ATOMIC.IP inspects IP protocol packets and associated Layer-4
ATOMIC engine
transport protocols, and ATOMIC.ARP inspects Layer-2 ARP protocol.
An assault on system security that derives from an intelligent threat, that is, an intelligent act that is a
attack
deliberate attempt (especially in the sense of method or technique) to evade security services and
violate the security policy of a system.
Process of verifying that a user has permission to use the system, usually by means of a password key
authentication
or certificate.
A component of the IPS. It verifies that users have the correct permissions to perform CLI, IDM, or
AuthenticationApp
RDEP actions.
B
The physical connection between an interface processor or card and the data buses and the power
backplane
distribution buses inside a chassis.
A software release that must be installed before a follow-up release such as a service pack or signature
base version
update can be installed. Major and minor version upgrades are base version releases.
Cisco Intrusion Prevention System Sensor CLI Configuration Guide for IPS 5.0
GL-2
78-16527-01