Glossary
GL-2
Cisco Intrusion Prevention System Sensor CLI Configuration Guide for IPS 5.0
78-16527-01
AnalysisEngine
The IPS software module that handles sensor configuration. It maps the interfaces and also the
signature and alarm channel policy to the configured interfaces. It performs packet analysis and alert
detection.
API
Application Programming Interface. The means by which an application program talks to
communications software. Standardized APIs allow application programs to be developed
independently of the underlying method of communication. Computer application programs run a set
of standard software interrupts, calls, and data formats to initiate contact with other devices (for
example, network services, mainframe communications programs, or other program-to-program
communications). Typically, APIs make it easier for software developers to create links that an
application needs to communicate with the operating system or with the network.
application
Any program (process) designed to run in the Cisco IPS environment.
application instance
A specific application running on a specific piece of hardware in the IPS environment. An application
instance is addressable by its name and the IP address of its host computer.
architecture
The overall structure of a computer or communication system. The architecture influences the
capabilities and limitations of the system.
ARP
Address Resolution Protocol. Internet protocol used to map an IP address to a MAC address. Defined
in RFC 826.
ASA
Adaptive Security Appliance. The ASA combines firewall, VPN concentrator, and intrusion prevention
software functionality into one software image. You can configure ASA in single mode or multi-mode.
ASDM
Adaptive Security Device Manager. A web-based application that lets you configure and manage your
ASA.
atomic attack
Represents exploits contained within a single packet. For example, the “ping of death” attack is a
single, abnormally large ICMP packet.
ATOMIC engine
There are two ATOMIC engines: ATOMIC.IP inspects IP protocol packets and associated Layer-4
transport protocols, and ATOMIC.ARP inspects Layer-2 ARP protocol.
attack
An assault on system security that derives from an intelligent threat, that is, an intelligent act that is a
deliberate attempt (especially in the sense of method or technique) to evade security services and
violate the security policy of a system.
authentication
Process of verifying that a user has permission to use the system, usually by means of a password key
or certificate.
AuthenticationApp
A component of the IPS. It verifies that users have the correct permissions to perform CLI, IDM, or
RDEP actions.
B
backplane
The physical connection between an interface processor or card and the data buses and the power
distribution buses inside a chassis.
base version
A software release that must be installed before a follow-up release such as a service pack or signature
update can be installed. Major and minor version upgrades are base version releases.