Chapter 5 Network Visibility and Segmentation Definitions Flashcards

1
Q

NetFlow

A

NetFlow is a technology originally created by Cisco that provides comprehensive visibility into all network traffic that traverses a Cisco-supported device. NetFlow was initially created for billing and accounting of network traffic and to measure other IP traffic characteristics such as bandwidth utilization and application performance.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

traditional five-tuple

A

The traditional five-tuple (source IP address, destination IP address, source port, destination port, and IP protocol)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

SCTP

A

IPFIX prefers the Stream Control Transmission Protocol (SCTP) as its transport layer protocol; however, it also supports the use of the Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) messages.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

FlowCollector

A

A physical or virtual appliance that collects NetFlow data from infrastructure devices.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

SMC

A

Stealthwatch Management Console (SMC): The main management application that provides detailed dashboards and the ability to correlate network flow and events.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

FlowSensor

A

A physical or virtual appliance that can generate NetFlow data when legacy Cisco network infrastructure components are not capable of producing line-rate, unsampled NetFlow data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

EPGs

A

Cisco ACI allows organizations to automatically assign endpoints to logical security zones called endpoint groups (EPGs). EPGs are used to group VMs within a tenant and apply filtering and forwarding policies to them. These EPGs are based on various network-based or VM-based attributes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

SXP

A

The Scalable Group Tag Exchange Protocol (SXP) is a control plane protocol used to convey IP-to-SGT mappings to network devices when you cannot perform inline tagging. SXP provides capabilities to identify and classify IP packets to corresponding SGTs tracked in the mapping table within network devices. SPX uses peer-to-peer TCP connections over TCP port 64999.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

uSeg EPG

A

A micro-segment in ACI is also often referred to as a uSeg EPG. You can group endpoints in existing application EPGs into new micro-segment (uSeg) EPGs and configure network or VM-based attributes for those uSeg EPGs. With these uSeg EPGs, you can apply dynamic policies.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly