An IPS in which the intrusion-prevention application resides on that specific host, typically a single computer. The IPS monitors system activities for malicious or unwanted behaviors. It can react in real time to block or prevent those activities. The key benefit is that HIPS is behavior-based as opposed to signature-based.
Host Bus Adapter (HBA) Connects a host system to other network and storage devices. This term primarily refers to devices for connecting SCSI, Fibre Channel, and eSATA devices, but devices for connecting to IDE, Ethernet, FireWire, USB, and other systems may also be called host adapters.
Hot site A completely redundant site that has equipment very similar to that at the original site.Data is routinely copied from a primary site to a hot site. As a result, a hot site can be up and functioning within a few minutes (or even seconds) after a catastrophe at the primary site.
IEEE 802.1x A standards-based approach for providing port-based network access.Specifically, 802.1x is a Layer 2 protocol that defines how Extensible Authentication Protocol (EAP) frames are encapsulated, typically between a user’s network device (such as a PC) and a switch or wireless access point.
IKE proposal Internet Key Exchange proposal. A collection of security protocols and algorithms that can be used to establish an IKE Phase 1 (ISAKMP) tunnel.
In-band management An approach that allows management traffic to be transmitted across a production network.
Inline mode Inline mode operation requires at least two monitoring interfaces on an IPS sensor, because the sensor resides inline with the traffic. (In other words, traffic enters the sensor on one monitoring interface and exits the sensor on another monitoring interface.) Therefore, a sensor running in inline mode supports IPS operation and can drop malicious traffic before it reaches its intended target.
Integrated Services Router (ISR) As its name suggests, this kind of Cisco router integrates
various services (such as voice and security services) into a router’s architecture
Integrity Data integrity ensures that data is not modified in transit. For example, routers at each end of a tunnel could calculate checksum values or hash values for the data. If both routers
calculate the same values, the data most likely was not modified in transit.
Intrusion detection system (IDS) Can recognize network attacks by analyzing a copy of network traffic. Can deliver a comprehensive, pervasive security solution for combating unauthorized intrusions, malicious Internet worms, and bandwidth and e-business application attacks.
No comments:
Post a Comment