Index

sample RFI questions
sandbox
scenarios for IPS deployment at branch offices at home office at large enterprises 2nd at medium educational institutions at medium financial enterprises at small offices
secondary policy groups, configuring
securing management communication device-to-device OOB
security policies anomaly-based atomic rule-based behavioral pattern-based
selecting location for IPS sensor placement management method NIPS management architecture sensors, criteria form factor interfaces processing capacity
sensors alerts, risk ratings Cisco Catalyst 6500 series IDSM-2 Cisco IDS Network Module Cisco IOS IPS sensors Cisco IPS 4200 series appliance sensors Cisco product availability configuring inline mode failure of functionality installing large deployments promiscuous mode selection criteria form factor interfaces processing capacity small deployments
shared IPS/IDS capabilities alert generation initiating IP blocking IP logging logging attacker traffic logging traffic between attacker and victim logging victim traffic resetting TCP connections
shims
signature updates
signatures alerts allow signature action atomic signatures host-based network-based block signature action cabling characteristics of drop signature action event horizon event responses log signature action reset signature action stateful host-based network-based with anomaly-based triggering mechanism triggering mechanisms anomaly-based detection behavior-based detection pattern detection tuning
single packets, dropping
single-server management model
small IPS sensor deployments
small office IPS deployment HIPS implementation limiting factors NIPS implementation security policy goals
social engineering
software bypass
software updates
source IP addresses dropping all packets from spoofing
Spacefiller
spam
SPAN (Switch Port Analyzer), capturing network traffic
spyware
SQL Slammer worm
stack memory
standalone appliance sensors
stateful operation method of network traffic analysis
stateful signatures host-based network-based
summary alerts
suspicious activity, IPS response methods alerting actions blocking actions dropping actions logging actions
switch ports, role in layered defense
switches capturing network traffic
symbolic links
system call interception
system log analysis
system state conditions