Term
| all-in-one network security appliance |
|
Definition
| Network hardware that provides multiple security functions. |
|
|
Term
|
Definition
| A monitoring technique used by an IDS that creates a baseline of normal activities and compares actions against the baseline. Whenever a significant deviation from this baseline occurs, an alarm is raised. |
|
|
Term
| behavior-based monitoring |
|
Definition
| A monitoring technique used by an IDS that uses the normal processes and actions as the standard and compares actions against it. |
|
|
Term
|
Definition
| A separate network that rests outside the secure networkperimeter; untrusted outside users can access it but cannot enter the secure network. |
|
|
Term
|
Definition
| A monitoring technique used by an IDS that uses an algorithm to determine if a threat exists. |
|
|
Term
| host intrusion detection system (HIDS) |
|
Definition
| A software-based application that runs on a local host computer that can detect an attack as it occurs. |
|
|
Term
| intrusion detection system (IDS) |
|
Definition
| A device designed to be active security; it can detect an attack as it occurs. |
|
|
Term
|
Definition
| A device that can direct requests to different servers based on a variety of factors, such as the number of server connections, the server's processor utilization, and overall performance of the server. |
|
|
Term
| network access control (NAC) |
|
Definition
| A technique that examines the current state of a system or network device before it is allowed to connect to the network. |
|
|
Term
| network address translation (NAT) |
|
Definition
| A technique that allows private IP addresses to be used on the public Internet. |
|
|
Term
| network intrusion detection system (NIDS) |
|
Definition
| A technology that watches for attacks on the network and reports back to a central device. |
|
|
Term
| network intrusion prevention system (NIPS) |
|
Definition
| A technology that monitors network traffic to immediately react to block a malicious attack. |
|
|
Term
|
Definition
| A computer or an application program that intercepts a user request from the internal secure network and then processes that request on behalf of the user. |
|
|
Term
|
Definition
| Any combination of hardware and software that enables remote users to access a local internal network. |
|
|
Term
|
Definition
| A computer or an application program that routes incoming requests to the correct server. |
|
|
Term
|
Definition
| A device that can forward packets across computer networks. |
|
|
Term
| signature-based monitoring |
|
Definition
| A monitoring technique used by an IDS that examines network traffic to look for well-known patterns and compares the activities against a predefined signature. |
|
|
Term
| subnetting (subnet addressing) |
|
Definition
| A technique that uses IP addresses to divide a network into network, subnet, and host. |
|
|
Term
|
Definition
| A device that connects network segments and forwards only frames intended for that specific device or frames sent to all devices. |
|
|
Term
|
Definition
| A technology that allows scattered users to be logically grouped together even though they may be attached to different switches. |
|
|
Term
| virtual private network (VPN) |
|
Definition
| A technology to use an unsecured public network, such as the Internet, like a secure private network. |
|
|
Term
|
Definition
| A device that aggregates hundreds or thousands of VPN connections. |
|
|
Term
|
Definition
| A special type of firewall that looks more deeply into packets that carry HTTP traffic. |
|
|
Term
|
Definition
| A device that can block malicious content in "real time" as it appears (without first knowing the URL of a dangerous site). |
|
|
