Term
|
Definition
Stateful Packet Inspection
Type of packet inspection that keeps track of network connections by examining the header in each packet, also known as SPI. |
|
|
Term
|
Definition
| A part of a computer system or network designed to block unauthorized access while permitting authorized communications. It is a device or set of devices configured to permit or deny computer applications based on a set of rules and other criteria. |
|
|
Term
|
Definition
| Packet filtering as it applies to firewalls inspects each packet passing through the firewall and accepts or rejects it based on rules. Two types of packet filtering include stateless packet filters and stateful packet inspection (SPI). |
|
|
Term
|
Definition
Application-Level Gateway
Applies security mechanisms to specific applications, such as FTP and/or BitTorrent. It supports address and port translation and checks whether the type of application traffic is allowed. |
|
|
Term
|
Definition
| Works at the Session Layer of the OSI model and applies security mechanisms when a TCP or UDP connection is established; they act as a go-between for the Transport and Application Layers in TCP/IP. |
|
|
Term
|
Definition
| A firewall that can control the traffic associated with specific applications. Works all the way up to the Application Layer of the OSI model. |
|
|
Term
|
Definition
| Denies all traffic to a resource unless the users generating that traffic are specifically granted access to the resource. For example, when a device denies all traffic unless a rule is made to open the port associated with the type of traffic desired to be let through. |
|
|
Term
|
Definition
| When an administrator sets a rule that allows a specific type of traffic through a firewall, often within an ACL. |
|
|
Term
|
Definition
| When an administrator sets a rule that denies a specific type of traffic access through a firewall, often within an ACL. |
|
|
Term
|
Definition
| Acts as an intermediary for clients usually located on a LAN and the servers that they want to access that are usually located on the Internet. |
|
|
Term
|
Definition
| Secures a network by keeping machines behind it anonymous; it does this through the use of NAT. |
|
|
Term
|
Definition
Web Proxy
The HTTP proxy, also known as a web proxy, which caches web pages from servers on the Internet for a set amount of time. |
|
|
Term
|
Definition
| An Internet content filter, or simply a content filter, is usually applied as software at the Application Layer and can filter out various types of Internet activities such as websites accessed, e-mail, instant messaging, and more. It is used most often to disallow access to inappropriate web material. |
|
|
Term
|
Definition
| Generally is a single computer but could also be a file, group of files, or an area of unused IP address space used to attract and trap potential attackers to counteract any attempts at unauthorized access of the network. |
|
|
Term
|
Definition
| One or more computers, servers, or an area of a network, used to attract and trap potential attackers to counteract any attempts at unauthorized access of the network. |
|
|
Term
|
Definition
Network Intrusion Detection System
A type of IDS that attempts to detect malicious network activities—for example, port scans and DoS attacks—by constantly monitoring network traffic. |
|
|
Term
|
Definition
Network Intrusion Prevention System
Designed to inspect traffic, and based on its configuration or security policy, the system can remove, detain, or redirect malicious traffic. |
|
|
Term
|
Definition
| When a system authenticates a user who should not be allowed access to the system. For example, when an IDS/IPS blocks legitimate traffic from passing on to the network. |
|
|
Term
|
Definition
| When a system denies a user who actually should be allowed access to the system. For example, when an IDS/IPS fails to block an attack, thinking it is legitimate traffic. |
|
|
Term
|
Definition
Access Control List
A list of permissions attached to an object. They specify what level of access a user, users, or groups have to an object. When dealing with firewalls, an ACL is a set of rules that apply to a list of network names, IP addresses. and port numbers. |
|
|
Term
|
Definition
| The border of a computer network, commonly secured by devices such as firewalls and NIDS/NIPS solutions. |
|
|
Term
|
Definition
| In a network adapter, this passes all traffic to the CPU, not just the frames addressed to it. When the network adapter captures all packets that it has access to regardless of the destination for those packets. |
|
|
