Definition: A server acting as an intermediary between the external and internal networks, screening all incoming and outgoing traffic.
Proxy Server
Definition: A firewall that can block designated types of traffic from entering a protected network based on application data contained within packets.
Content Filtering Firewall
Definition: A firewall innovation that monitors and limits the traffic of specific applications, adapts to the class of users or user groups, and adapts to the context of various applications, users, and devices.
Layer 7 Firewall
Definition: A security technique that alerts the system of any changes made to files that shouldn’t change, such as operating system files.
FIMS
Definition: A type of intrusion prevention that runs on a single computer, such as a client or server, to intercept and help prevent attacks against that one host.
HIPS
Definition: A list of statements used by a router or other device to permit or deny the forwarding of traffic on a network based on one or more criteria.
Access Control List
Definition: A firewall that manages each incoming packet as a stand-alone entity without regard to currently active connections.
Stateless Firewall
Definition: A stand-alone device, an application, or a built-in feature running on a workstation, server, switch, router, or firewall. It monitors network traffic, generating alerts about suspicious activity.
Intrusion Detection System
Definition: A type of intrusion detection that protects an entire network and is situated at the edge of the network or in a network’s DMZ.
NIDS
Definition: Software that can be configured to evaluate data logs from IDS, IPS, firewalls, and proxy servers in order to detect significant events that require the attention of IT staff according to predefined rules.
SIEM
Definition: An ACL rule which ensures that any traffic the ACL does not explicitly permit is denied by default.
Implicit Deny
Definition: A command-line firewall utility for Linux systems.
Iptables
Definition: Identifiable patterns of code that are known to indicate specific vulnerabilities, exploits, or other undesirable traffic.
Signatures
Definition: A monitoring technique in which one port on a switch is configured to send a copy of all its traffic to a second port.
Port Mirroring
Definition: A message generated when a pre-defined event occurs, which is then logged by the system.
Alert
Definition: A firewall configured and positioned to protect an entire network.
Network-Based Firewall
Definition: A security strategy that combines multiple layers of security appliances and technologies into a single safety net.
UTM
Definition: The process of regularly updating the signatures used to monitor a network’s traffic.
Signature Management
Definition: A stand-alone device, an application, or a built-in feature running on a workstation, server, switch, router, or firewall that stands in-line between an attacker and the targeted network or host, and can prevent traffic from reaching that network or host.
IPS
Definition: A message sent to IT personnel via email, text, or some other method that is triggered by the occurrence of a predefined event.
Notification
Definition: A firewall that only protects the computer on which it’s installed.
Host Based Firewalls
Definition: A firewall innovation that monitors and limits the traffic of specific applications, adapts to the class of users or user groups, and adapts to the context of various applications, users, and devices.
NGFWs
Definition: A type of intrusion detection that runs on a single computer, such as a client or server, to alert about attacks against that one host.
HIDS
Definition: A type of intrusion prevention that protects an entire network and is situated at the edge of the network or in a network’s DMZ.
NIPS
Definition: A switching protocol defined by the IEEE standard 802.1D that functions at the Data Link layer and prevents traffic loops by artificially blocking the links that would complete a loo
Spanning Tree Protocol