Administration Guide
Page 18
... anomaly detection helps detect previously unknown and new attacks as they occur. Symantec Network Security gathers intelligence across the enterprise using cross-node analysis to automated the download and deployment of regular and rapid response SecurityUpdates from Symantec Security Response, the world's leading Internet security research and support organization. Automated response actions can initiate traffic recording and...
... anomaly detection helps detect previously unknown and new attacks as they occur. Symantec Network Security gathers intelligence across the enterprise using cross-node analysis to automated the download and deployment of regular and rapid response SecurityUpdates from Symantec Security Response, the world's leading Internet security research and support organization. Automated response actions can initiate traffic recording and...
Administration Guide
Page 61
... nodes. The following figure illustrates the relationship between a single Network Security software node or 7100 Series appliance node, a fictitious network, and a possible intruder: Figure 3-1 Fictitious Network Map with Intruder Internet Router Network Security console Software Host 1 or appliance node Host 2 Host 3 Host 4 Attacker Deploying a single Network Security software node Symantec Network Security can be mitigated by failover groups that operate independently of...
... nodes. The following figure illustrates the relationship between a single Network Security software node or 7100 Series appliance node, a fictitious network, and a possible intruder: Figure 3-1 Fictitious Network Map with Intruder Internet Router Network Security console Software Host 1 or appliance node Host 2 Host 3 Host 4 Attacker Deploying a single Network Security software node Symantec Network Security can be mitigated by failover groups that operate independently of...
Administration Guide
Page 342
..., readable and writable by a vulnerability after safeguards have accounted for centralized administration of software and appliance nodes and node clusters in Symantec Network Security. content virus A virus that the data has not been altered or contaminated. Examples are referred to as transmission rate, interval ...in a transmission unit that is included with the unit so that the receiver can include up to component using a specific Internet application, for sending and receiving serial data transmissions. To verify the data, the receiver generates a second checksum and compares the...
..., readable and writable by a vulnerability after safeguards have accounted for centralized administration of software and appliance nodes and node clusters in Symantec Network Security. content virus A virus that the data has not been altered or contaminated. Examples are referred to as transmission rate, interval ...in a transmission unit that is included with the unit so that the receiver can include up to component using a specific Internet application, for sending and receiving serial data transmissions. To verify the data, the receiver generates a second checksum and compares the...
Administration Guide
Page 343
The daemon forwards the requests to other programs (or processes) as Symantec Network Security (nodes and Network Security console), Symantec Network Security 7100 Series appliances, and Symantec Network Security Smart Agents to form an enterprise security environment. Data rates are generally measured in kilobits (thousand bits), megabits (million bits), and ...to dial out through the use the same private key. decode To convert encoded text to plain text through the Internet to a 900 number or FTP site, typically to receive. There are aimed at which a user or program takes...
The daemon forwards the requests to other programs (or processes) as Symantec Network Security (nodes and Network Security console), Symantec Network Security 7100 Series appliances, and Symantec Network Security Smart Agents to form an enterprise security environment. Data rates are generally measured in kilobits (thousand bits), megabits (million bits), and ...to dial out through the use the same private key. decode To convert encoded text to plain text through the Internet to a 900 number or FTP site, typically to receive. There are aimed at which a user or program takes...
Administration Guide
Page 344
...elsewhere in memory where the actual kernel code of security. disabled A status that indicates that is issued by a Certificate Authority (CA). On the Internet, domains organize network addresses into categories. download To transfer data from the Internet, a bulletin board system (BBS), or an online... an additional layer of the system calls resides. DMZ (de-militarized zone) A network added between a protected network and an external network to a location in memory. For example, in the Internet naming scheme, names with .com extensions identify hosts in which is reached. For ...
...elsewhere in memory where the actual kernel code of security. disabled A status that indicates that is issued by a Certificate Authority (CA). On the Internet, domains organize network addresses into categories. download To transfer data from the Internet, a bulletin board system (BBS), or an online... an additional layer of the system calls resides. DMZ (de-militarized zone) A network added between a protected network and an external network to a location in memory. For example, in the Internet naming scheme, names with .com extensions identify hosts in which is reached. For ...
Administration Guide
Page 345
email client An application from reading or tampering with and that the Internet transports. Only those who have access to continue even when the appliance itself experiences a ...the integrity, availability, or confidentiality of information or services. 2. Datagrams and packets are the message units that the Internet Protocol deals with the data. Ethernet uses a bus or star topology and supports data transfer rates of an organization. ...that originates outside of 100 Mbps. event, base A significant occurrence in a system or application that Symantec Network Security detects.
email client An application from reading or tampering with and that the Internet transports. Only those who have access to continue even when the appliance itself experiences a ...the integrity, availability, or confidentiality of information or services. 2. Datagrams and packets are the message units that the Internet Protocol deals with the data. Ethernet uses a bus or star topology and supports data transfer rates of an organization. ...that originates outside of 100 Mbps. event, base A significant occurrence in a system or application that Symantec Network Security detects.
Administration Guide
Page 346
...down the system. FQDN (fully qualified domain name) A URL that allows its workers access to the wider Internet will bombard the selected system with an intranet that consists of one computer to slow down or shut down...filter A program or section of using communications to send a file from one network from users from accessing its own private data resources. www is the host, symantec is the second-level domain, and .com is a fully qualified domain name.... install a firewall to prevent outsiders from other phases seek the most efficient path to secure a network or network segment.
...down the system. FQDN (fully qualified domain name) A URL that allows its workers access to the wider Internet will bombard the selected system with an intranet that consists of one computer to slow down or shut down...filter A program or section of using communications to send a file from one network from users from accessing its own private data resources. www is the host, symantec is the second-level domain, and .com is a fully qualified domain name.... install a firewall to prevent outsiders from other phases seek the most efficient path to secure a network or network segment.
Administration Guide
Page 347
... heuristic high availability hijacking host The simplest way to exchange files between the internal network and the Internet. A network point that acts as a gateway between computers on the Network Security or network devices capable of up to 1000Mb/s, half or full-duplex, of hack tool ...obviously malicious, but which remote users connect to the hacker. NIC interfaces on the Internet. Services might include peripheral devices, such as a singular named resource in Symantec Network Security that is a program that tracks and records individual keystrokes and can send this ...
... heuristic high availability hijacking host The simplest way to exchange files between the internal network and the Internet. A network point that acts as a gateway between computers on the Network Security or network devices capable of up to 1000Mb/s, half or full-duplex, of hack tool ...obviously malicious, but which remote users connect to the hacker. NIC interfaces on the Internet. Services might include peripheral devices, such as a singular named resource in Symantec Network Security that is a program that tracks and records individual keystrokes and can send this ...
Administration Guide
Page 348
... rules for use. A dime-size hardware device that requires closure. A graphic representation of a container, document, network object, or other multimedia files) on the Internet), HTTP is operating system-dependent and version-dependent. A variation of HTTP that is enhanced by a security point product. A status that indicates that a program, job, policy, or scan is usually...
... rules for use. A dime-size hardware device that requires closure. A graphic representation of a container, document, network object, or other multimedia files) on the Internet), HTTP is operating system-dependent and version-dependent. A variation of HTTP that is enhanced by a security point product. A status that indicates that a program, job, policy, or scan is usually...
Administration Guide
Page 349
... true origin of enterprise networks connected to the Internet, and there are configured together using in many countries. IP spoofing can also be assigned a unique IP address, which correlates all network traffic as if it to all other connects to the outside network. interface group A collection of multiple monitoring interfaces on a Symantec Network Security 7100 Series appliance...
... true origin of enterprise networks connected to the Internet, and there are configured together using in many countries. IP spoofing can also be assigned a unique IP address, which correlates all network traffic as if it to all other connects to the outside network. interface group A collection of multiple monitoring interfaces on a Symantec Network Security 7100 Series appliance...
Administration Guide
Page 350
...to produce encrypted text. A key is one of the always-on the network. ISP (Internet service provider) An organization or company that takes place against a computer or a network to register a Symantec product. L2F (Layer Two A protocol that supports the creation of actions ...and events that allows simultaneous voice and data transmission over the Forwarding) Protocol Internet. log A record of secure virtual private dial-up or other ...
...to produce encrypted text. A key is one of the always-on the network. ISP (Internet service provider) An organization or company that takes place against a computer or a network to register a Symantec product. L2F (Layer Two A protocol that supports the creation of actions ...and events that allows simultaneous voice and data transmission over the Forwarding) Protocol Internet. log A record of secure virtual private dial-up or other ...
Administration Guide
Page 351
...code malware manipulation menu bar MIB (Management Information Base) middleware MIME (Multipurpose Internet Mail Extensions) mirror port mode monitoring monitoring interface MSA multicast multiuser name server On a network, a computer's unique hardware number. The insertion of arbitrary streams of ...in-line mode for interfaces in a Symantec Network Security 7100 Series appliance is On if a security administrator configures those interfaces for in which a single action or a series of data without the user noticing. See Symantec Network Security Smart Agents. To simultaneously send the...
...code malware manipulation menu bar MIB (Management Information Base) middleware MIME (Multipurpose Internet Mail Extensions) mirror port mode monitoring monitoring interface MSA multicast multiuser name server On a network, a computer's unique hardware number. The insertion of arbitrary streams of ...in-line mode for interfaces in a Symantec Network Security 7100 Series appliance is On if a security administrator configures those interfaces for in which a single action or a series of data without the user noticing. See Symantec Network Security Smart Agents. To simultaneously send the...
Administration Guide
Page 353
... commission before becoming active. Messages are broken down messages that are sent along the Internet or other networks. Each of these packets is out of -band authentication) A one -time password In network security, a password that is issued only once as network segments or interfaces. Standby nodes wait until the active node is separately numbered and...
... commission before becoming active. Messages are broken down messages that are sent along the Internet or other networks. Each of these packets is out of -band authentication) A one -time password In network security, a password that is issued only once as network segments or interfaces. Standby nodes wait until the active node is separately numbered and...
Administration Guide
Page 355
...up accounts to be met. 2. policy management The creation, configuration, and monitoring of security assets and information to an endpoint of ports. In TCP/IP and UDP networks, the name given to ensure that is known only identification number) to determine whether ... they are allowed, required, or forbidden within a specific environment. ping (Packet Internet Groper) A program that is assigned to -Point Protocol) A protocol used for communication between 1 and 5 (inclusive) that security administrators and hackers or crackers use port 80 for a response. See response policy...
...up accounts to be met. 2. policy management The creation, configuration, and monitoring of security assets and information to an endpoint of ports. In TCP/IP and UDP networks, the name given to ensure that is known only identification number) to determine whether ... they are allowed, required, or forbidden within a specific environment. ping (Packet Internet Groper) A program that is assigned to -Point Protocol) A protocol used for communication between 1 and 5 (inclusive) that security administrators and hackers or crackers use port 80 for a response. See response policy...
Administration Guide
Page 356
... by which is made public to deliver data. The recipient then uses his or her private key, which Symantec Network Security inspects network traffic, compares observed behavior during network protocol exchange to communicate. probe An effort, such as TCP/IP. For example, an FTP session uses ...key is then used to encrypt the data, and the corresponding public key is used within a company or enterprise to gather all Internet requests, forward them to encrypt the message. 356 Glossary private key A part of asymmetric encryption that transmission rates, error rates, and...
... by which is made public to deliver data. The recipient then uses his or her private key, which Symantec Network Security inspects network traffic, compares observed behavior during network protocol exchange to communicate. probe An effort, such as TCP/IP. For example, an FTP session uses ...key is then used to encrypt the data, and the corresponding public key is used within a company or enterprise to gather all Internet requests, forward them to encrypt the message. 356 Glossary private key A part of asymmetric encryption that transmission rates, error rates, and...
Administration Guide
Page 357
... collection of actions and events. Routers use of data to incidents and events. role An administrative position that is handled by Symantec Network Security. record To capture and store a set of tasks, such as view reports, and receive alerts. replication The process of ...(Routing Information Protocol) The oldest routing protocol on the Internet and the most commonly used routing protocol on predetermined criteria. Random access refers to the fact that lets you respond to a defined security threat, such as malicious Trojan horses). redundancy See watchdog...
... collection of actions and events. Routers use of data to incidents and events. role An administrative position that is handled by Symantec Network Security. record To capture and store a set of tasks, such as view reports, and receive alerts. replication The process of ...(Routing Information Protocol) The oldest routing protocol on the Internet and the most commonly used routing protocol on predetermined criteria. Random access refers to the fact that lets you respond to a defined security threat, such as malicious Trojan horses). redundancy See watchdog...
Administration Guide
Page 358
... who uses code and software (or scripts) downloaded from the Internet to perform detection, analysis and take responsive action against unauthorized access. sensor process The functionality of Network Security sensors to inflict damage on technology originally developed by using the ... COM2, COM3, and COM4. As the Internet becomes a more importance in corporate planning and policy. S/MIME (Secure/Multipurpose Internet Mail Extensions) An email security protocol that helps local area networks (LANs) and wide area networks (WANs) achieve interoperability and connectivity. Examples ...
... who uses code and software (or scripts) downloaded from the Internet to perform detection, analysis and take responsive action against unauthorized access. sensor process The functionality of Network Security sensors to inflict damage on technology originally developed by using the ... COM2, COM3, and COM4. As the Internet becomes a more importance in corporate planning and policy. S/MIME (Secure/Multipurpose Internet Mail Extensions) An email security protocol that helps local area networks (LANs) and wide area networks (WANs) achieve interoperability and connectivity. Examples ...
Administration Guide
Page 359
...'s configuration and properties is more precisely referred to exchange mail. SLIP (Serial Line Internet Protocol) A TCP/IP protocol used for an entire domain and that is used by Symantec's security products. Then, clients retrieve email, typically via the POP or IMAP protocol. Logic.... severity A level that allows organizations with each other information that may relate to an intrusion. 2. Smart Agents See Symantec Network Security Smart Agents. Social engineering attacks are engaged in which two computers maintain a connection and, usually, are typically carried out...
...'s configuration and properties is more precisely referred to exchange mail. SLIP (Serial Line Internet Protocol) A TCP/IP protocol used for an entire domain and that is used by Symantec's security products. Then, clients retrieve email, typically via the POP or IMAP protocol. Logic.... severity A level that allows organizations with each other information that may relate to an intrusion. 2. Smart Agents See Symantec Network Security Smart Agents. Social engineering attacks are engaged in which two computers maintain a connection and, usually, are typically carried out...
Administration Guide
Page 360
... is called a program. SSL (Secure Sockets Layer) A protocol that performs a particular task is predefined, and cannot be a favorite technique used by setting values in order to perform a specific set of information over the Internet. spoofing The act of the computer... and other outside the firewall while maintaining the security requirements. SSH (Secure Shell) A program that purpose. This group and the respective set of interaction, usually by hackers to another computer securely over the network. state The last known status, or current status...
... is called a program. SSL (Secure Sockets Layer) A protocol that performs a particular task is predefined, and cannot be a favorite technique used by setting values in order to perform a specific set of information over the Internet. spoofing The act of the computer... and other outside the firewall while maintaining the security requirements. SSH (Secure Shell) A program that purpose. This group and the respective set of interaction, usually by hackers to another computer securely over the network. state The last known status, or current status...
Administration Guide
Page 361
...A form of protocols that other events. For example, a computer system includes both encryption and decryption. Symantec Network Security Smart Agents Formerly called MSAs, the Symantec Network Security Smart Agents are two distinct protocols, the term TCP/IP includes Hypertext Transfer Protocol (HTTP), File Transfer ...directories on the operating system providing correct settings or allowing the network administrator to handle the handshaking or exchange of parameters. TCP/IP (Transmission Control Protocol/Internet Protocol) The suite of data transmission in the buffer so that...
...A form of protocols that other events. For example, a computer system includes both encryption and decryption. Symantec Network Security Smart Agents Formerly called MSAs, the Symantec Network Security Smart Agents are two distinct protocols, the term TCP/IP includes Hypertext Transfer Protocol (HTTP), File Transfer ...directories on the operating system providing correct settings or allowing the network administrator to handle the handshaking or exchange of parameters. TCP/IP (Transmission Control Protocol/Internet Protocol) The suite of data transmission in the buffer so that...