Glossary
GL-11
Installing Cisco Intrusion Prevention System Appliances and Modules 5.0
78-16124-01
P
packet
Logical grouping of information that includes a header containing control information and (usually)
user data. Packets most often are used to refer to network layer units of data. The terms datagram,
frame, message, and segment also are used to describe logical information groupings at various layers
of the OSI reference model and in various technology circles.
PASC Port Spoof
An attempt to open connections through a firewall to a protected FTP server to a non-FTP port. This
happens when the firewall incorrectly interprets an FTP 227 (Entering Passive Mode) command by
opening an unauthorized connection.
passive
fingerprinting
Act of determining the OS or services available on a system from passive observation of network
interactions.
PAT
Port Address Translation. A more restricted translation scheme than NAT in which a single IP address
and different ports are used to represent the hosts of a network.
PCI
Peripheral Component Interface. The most common peripheral expansion bus used on Intel-based
computers.
PDU
protocol data unit. OSI term for packet. See also BPDU and packet.
PEP
Cisco Product Evolution Program. PEP is the UDI information that consists of the PID, the VID, and
the SN of your sensor. PEP provides hardware version and serial number visibility through electronic
query, product labels, and shipping items.
PER
packed encoding rules. Instead of using a generic style of encoding that encodes all types in a uniform
way, PER specializes the encoding based on the date type to generate much more compact
representations.
PFC
Policy Feature Card. An optional card on a Catalyst 6000 supervisor engine that supports VACL packet
filtering.
PID
Product Identifier. The orderable product identifier that is one of the three parts of the UDI. The UDI
is part of the PEP policy.
ping
packet internet groper. ICMP echo message and its reply. Often used in IP networks to test the
reachability of a network device.
PIX Firewall
Private Internet Exchange Firewall. A Cisco network security device that can be programmed to
block/enable addresses and ports between networks.
PKI
Public Key Infrastructure. Authentication of HTTP clients using the clients’ X.509 certificates.
Post-ACL
Designates an ACL from which Network Access Controller should read the ACL entries, and where it
places entries after all deny entries for the addresses being blocked.
POST
Power-On Self Test. Set of hardware diagnostics that runs on a hardware device when that device is
powered up.