Glossary
GL-4
Installing Cisco Intrusion Prevention System Appliances and Modules 5.0
78-16124-01
community
In SNMP, a logical group of managed devices and NMSs in the same administrative domain.
composite attack
Spans multiple packets in a single session. Examples include most conversation attacks such as FTP,
Telnet, and most Regex-based attacks.
connection block
Network Access Controller blocks traffic from a given source IP address to a given destination IP
address and destination port.
console
A terminal or laptop computer used to monitor and control the sensor.
console port
An RJ45 or DB9 serial port on the sensor that is used to connect to a console device.
control interface
When Network Access Controller opens a Telnet or SSH session with a network device, it uses one of
the device’s routing interfaces as the remote IP address. This is the control interface.
control transaction
An IPS message containing a command addressed to a specific application instance. Example control
transactions include start, stop, getConfig.
cookie
A piece of information sent by a web server to a web browser that the browser is expected to save and
send back to the web server whenever the browser makes additional requests of the web server.
CTR
Cisco Threat Response. See Threat Response.
D
Database Processor
See DBP.
datagram
Logical grouping of information sent as a network layer unit over a transmission medium without prior
establishment of a virtual circuit. IP datagrams are the primary information units in the Internet. The
terms cell, frame, message, packet, and segment also are used to describe logical information groupings
at various layers of the OSI reference model and in various technology circles.
DBP
Database Processor. Maintains the signature state and flow databases.
DCE
data circuit-terminating equipment (ITU-T expansion). Devices and connections of a communications
network that comprise the network end of the user-to-network interface. The DCE provides a physical
connection to the network, forwards traffic, and provides a clocking signal used to synchronize data
transmission between DCE and DTE devices. Modems and interface cards are examples of DCE.
Deny Filters
Processor
See DFP.
DES
Data Encryption Standard. A strong encryption method where the strength lies in a 56-bit key rather
than an algorithm.
destination address
Address of a network device that is receiving data.
DFP
Deny Filters Processor. Handles the deny attacker functions. It maintains a list of denied source IP
addresses.
DIMM.
Dual In-line Memory Modules.