Manualshelf

TMS zl Management and Configuration Guide ST.1.1.100226

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
1411141214131414141514161417141814191420
B-28
Glossary
signature A preset definition that specifies characteristics that are indicative of a
particular attack.
signature-based
IDS
Attack detection that compares audit data with known attack signatures that
are stored in a signature database.
signature family A grouping of signatures that detect similar kinds of attacks, for example, DoS,
XSS, backdoor, gain access, and so on.
signature server The HP ProCurve server from which the latest signature files are downloaded.
The signature server address is preloaded in the TMS zl Module and cannot
be altered.
single-entry
address object
An address object that specifies only a single IP address, IP address range, or
network address.
site-to-site A type of VPN tunnel between two VPN gateways, both of which can be initiator
and responder.
sliding window A TCP header field that specifies the maximum number of unacknowledged
bytes allowed in a session.
slot ID The number assigned to the chassis slot.
SNMP Simple Network Management Protocol. An application-layer protocol that
supports the exchange of management information between network devices.
An SNMP network consists of agents, managed devices, and network-manage-
ment systems. Hierarchically organized information about network devices is
stored in and accessed from a MIB. The NAC 800 supports SNMPv2, which
controls access based on community. For example, a server that knows the
NAC 800’s read-only community name can read. For more information, see RFC
1157 at http://www.ietf.org/rfc/rfc1157.txt.
SNMP trap A message which is initiated by a network element and sent to the network
management system. For example, if PCM+ is configured as a trap destination,
the TMS zl Module can send SNMP traps to PCM+.
SNMP community A group that devices that run SNMPv1/v2c belong to. It helps define where
information is sent. These devices will not respond to SNMP messages that
are from other SNMP communities.
source NAT Network address translation in which the source IP address is replaced by
another IP address as the packet crosses a network boundary.
source routing A process in which a sender specifies the route by which a packet will travel.
As an attack technique, the sender specifies a route to see if the route is
successful, then learns legitimate paths from the failed and successful routing.