Glossary


A
 
ACL License
Enables router and switch management, including the ability to create, download, and deploy outbreak management tasks and their associated OPACLs.
AV locator
A Cisco ICS feature that enables you to access Trend Micro OfficeScan servers through the Cisco ICS web console.


D
 
Damage Cleanup engine
The engine that Damage Cleanup Services (DCS) uses to scan for and remove Trojans and Trojan processes and perform cleanup.
Damage Cleanup template
The file that the Damage Cleanup engine uses to help identify Trojan files and processes to be eliminated.
Damage Cleanup Services
A server-based antivirus software application that helps protect computers against Trojans and rid hosts of potentially unwanted spyware and other types of grayware.


I
 
incident control system (ICS)
The use of attack-specific ACLs and signature files to help identify network threats and mitigate the effects of outbreaks. With these components, multiple device types and families can become defense nodes against new outbreaks.
Three elements comprise the Cisco implementation of ICS: the TrendLabs worldwide real-time monitoring and signature development infrastructure; Cisco Incident Control Server, a product that delivers protection from viruses, worms, spyware, and other potential threats; and mitigation network devices (switches, routers, IPS appliances, and IOS IPS devices).
IPS device
A type of device you can add to Cisco ICS through the web console. Cisco ICS classifies an IPS device as an IPS appliance or a router with an IOS IPS image. IPS devices can use OPSig files to scan for and identify network-based threats.
IPS High-end Licenses
Enable router, switch, and high-end IPS device management with the same functionality as a low-end IPS license.
IPS Low-end Licenses
Enable router, switch, and low-end IPS device management, including the ability to create, download, and deploy outbreak management tasks, their associated OPACLs, and OPSigs.


M
 
Microsoft .Net Framework 1.1 and Data Access Components 2.8
The components Cisco ICS requires to generate outbreak management reports. You can install the components during Cisco ICS installation or at a later time from the product CD.


N
 
network-based threats
Threats that use network protocols, such as TCP, FTP, UDP, HTTP, and e-mail protocols to replicate. They often do not alter system files or modify the boot sectors of hard disks. Instead, they infect the memory of client machines, forcing them to flood the network with traffic, which can cause slowdowns and even complete network failures.


O
 
OPACL
Outbreak Prevention Access Control List. An ACL that addresses a variety of threats. An OPACL is associated with an outbreak management task and is included in the outbreak management task file. Cisco ICS deploys the OPACL to switches, routers, and IPS devices. Automatic deployment takes place after outbreak management task creation.
OPSig
Outbreak Prevention Signature. A file that helps IPS devices identify unique patterns of bits and bytes that signal the presence of a network-based threat. Cisco ICS deploys the OPSig to IPS devices.
outbreak management report
An outbreak management task-specific report you can use to review overall outbreak management task settings and performance. Items in the report include the name of the threat that the task is addressing, the OPACL end time, the number of hosts on the watch list, and the number of times network traffic matched the rules specified in the OPACL and OPSig.
outbreak management task
A file that contains an OPACL. Cisco ICS uses outbreak management tasks to help protect the network from various threats. Each task is associated with a single threat.


R
 
red alert
A TrendLabs designation for a virus, worm, Trojan, or other threat that is widespread and poses a serious risk to computer networks.
risk index
The watch list section of a specific task shows the number of hosts that the threat infected and a Risk Index, which is an indicator of how many infected hosts are on the network. The calculation of the Risk Index is as follows: Risk Index = Infected Hosts - Cleaned Hosts


S
 
spyware
A classification for several types of files and applications that can be covertly installed on computers to track user web surfing habits, display advertisements, log keystrokes, change Internet settings, cause abnormal computer behavior, and even compromise system security.
Spyware pattern
The file that the Damage Cleanup engine uses to eliminate spyware and other grayware.


T
 
threats
Malicious code that can infect computers, negatively affect the performance of a computer network, and cause other nuisances. Threats include, but are not limited to, ActiveX malicious code, COM and EXE file infectors, spyware, Trojans, and worms.
TrendLabs
The global network of antivirus research and product support centers for Trend Micro. TrendLabs monitors worldwide networks for threat outbreaks, analyzes threats, and releases outbreak prevention files that help devices and scan engines detect, block, and eliminate threats.
Trojan
Executable programs that do not replicate but instead reside on systems to perform malicious acts, such as opening ports for hackers to enter. Trojans often use ports to gain access to computers.


V
 
virus
A general term for malicious code that can infect computers and propagate across networks. Currently, viruses can be classified into a number of categories, including network-based threats, Trojans, and worms.


W
 
watch list
An at-a-glance summary of potentially infected hosts on the network. Each outbreak management task has an associated watch list for its threat.
web console
A web-based management console which serves as the central point for outbreak management. You can access the Cisco ICS web console at the following address: http(s)://{server}:{port number}/CICS. You must use Internet Explorer to access the Cisco ICS web console.
worm
A self-contained program (or set of programs) that can spread functional copies of itself or its segments to other computer systems, often through e-mail.


Y
 
yellow alert
A TrendLabs designation for a virus, worm, Trojan, or other threat that has been detected but is not widespread and poses a moderate risk to computer networks.



Posted: Fri Apr 7 09:29:51 PDT 2006
All contents are Copyright © 1992--2006 Cisco Systems, Inc. All rights reserved.