Glossary
37
SonicWALL TZ 180 TotalSecure
• Deep Packet Inspection - looking at the data portion of the packet. Enables the firewall to
investigate farther into the protocol to examine information at the application layer and
defend against attacks targeting application vulnerabilities.
• Distributed Enforcement Architecture - SonicWALL’s unified threat management
technology that delivers automated signature updates that provide real-time protection
from current and emerging threats
• Signature - code written to detect and prevent intrusions, worms, application exploits, and
Peer-to-Peer and Instant Messaging traff
• Stateful Packet Inspection - examines the contents of individual packets at all layers of
the OSI model, from network layer to application layer.
• Intrusion Detection - a process of identifying and flagging malicious activity aimed at
information technology.
• False Positive - a falsely identified attack traffic pattern.
• Intrusion Prevention - finding anomalies and malicious activity in traffic and reacting to it.
• Snort - an open source network intrusion detection system. SonicWALL IPS includes
open-source Snort signatures, as well as signatures from other signature databases, and
SonicWALL created signatures. SonicWALL does not use the Snort engine.
• Prevention Mechanism: The message which contains the virus is removed from the head of
the sent queue, thus preventing it from being resent, via 552 SMTP response and the
connection is terminated.
