Glossary of Technical terms

https://support.sophos.com/support/s/article/KB-000034650?language=en_US

A

Abbreviation Name Definition
Acceptance Criteria The list of minimal criteria by which a story may be judged as successfully completed.
Action Center A pane on the Dashboard that shows the actions that are currently required.
Active Directory synchronization event An event that occurs during synchronization with Active Directory.
Active sub-estate A sub-estate displayed in the Groups pane.
AD Sync A Sophos tool that lets administrators map users and groups from Active Directory to the Sophos Cloud Console.
ACE / TAO Adaptive Communication Environment / The ACE ORB Library components of CORBA used in RMS. TAO is a real-time C++ implementation of CORBA based upon ACE.
Additional policy A policy created by the user. All policies except for the base policy are additional policies.
ASLR Address Space Layout Randomization A computer security technique involved in protection from buffer overflow attacks.
Advanced Content Control List editor An editor that enables a user to create a custom Content Control List that consists of a score, maximum count, regular expression, and a trigger score that must be reached before the Content Control List is matched.
AES Advanced Encryption Standard A 128-bit block data encryption technique that is used by the U.S. government to protect classified information and is implemented in software and hardware throughout the world to encrypt sensitive data.
APT Advanced Persistent Threat An advanced persistent threat is a type of targeted attack. APTs are characterized by an attacker who has the time and resources to plan an infiltration into a network. APTs are persistent in that the attackers may remain on a network for some time.
Adware Adware displays advertising, for example, pop-up messages, which affects user productivity and system efficiency.
Agent/Agent software The Sophos Cloud agent software installed on endpoint computers or servers.
Agent software installer The installer for agent software on endpoint computers or servers.
ALPC Advanced Local Procedure Call An internal, undocumented inter-process communication facility provided by the Microsoft Windows NT kernel for lightweight IPC between processes on the same computer. It provides a high-speed scalable communication mechanism required to efficiently implement User-Mode Driver Framework (UMDF), whose user-mode parts require an efficient communication channel with UMDF's components in the executive.
ALPC Section Advanced Local Procedure Call Section Security and convenience wrapper of a plain section. See Section.
ALPC Section View Advanced Local Procedure Call Section View Security and convenience wrapper of a plain section view. See Section View.
Alpha An early phase in software development. See: Technical Preview
Annoying The second-lowest level of bug severity (3). Annoying is when:

  • There is a defect in functionality with a reasonable workaround.
  • There is a major cosmetic or typographical issue.
  • There is acceptable performance degradation.
Application control A function in Sophos Central that detects and blocks applications that are not a security threat, but unsuitable for office use.
Application manager A dialog box that allows or creates new rules for applications that have been blocked by Sophos Client Firewall.
Application rule A rule that applies only to packets of data transferred over the network to or from a particular application.
Associated user The user who is associated with a device protected by Sophos Central.
Authorization manager The module that authorizes adware and PUAs, suspicious files, and applications that exhibit suspicious behavior and buffer overflows.
Automatic Cleanup Cleanup that is performed without any intervention or acceptance by the customer.
Automatic Protection Deployment of security software (installation and policy enforcement) on all the computers in an Active Directory container as soon as they are synchronized with Enterprise Console.

B

Abbreviation Name Definition
Base policy The default policy. This applies to all users, although other policies can override it.
Beta Coordinated activity to widely test an upcoming product release in customer environments outside of Sophos and gain feedback from customers.
Blocked A status showing that applications (including hidden processes), connections, protocols, ICMP messages, and so on have been refused network access.
Buffer overflow detection Detects buffer overflow attacks.
Bug When functionality does not behave as the pod and the Product Owner agreed that it would. Changes (or dislikes) to agreed-upon functionality are new stories, not bugs.
Business Impact Reflects the pain experienced by users of the system. Options are: Unusable (1), Painful (2), Annoying (3), Polish (4).
BRD Business Requirements Document See PRD.

C

Abbreviation Name Definition
Category A specific tag that is used to classify SophosLabs Content Control Lists according to their type, regulation that defines their contents, or region they apply to.
CEEMEA Central & Eastern Europe, Middle East and Africa Combination of DACH and NEEMEA
Checksum Each version of an application has a unique checksum. The firewall can use this checksum to decide whether an application is allowed or not.
Clean up Remove threats from a device.
Client Communication Port Unnamed port used by a client to communicate with the server. Also known as client port.
CC Code Complete The point in a Feature or Program at which the team declares that all development and testing activities – such as unit testing, system testing and dogfood – have been carried out, and the product meets the quality criteria for release.
Code Freeze The staged delivery to QA at which all planned features are available for verification.
CnC / C&C / C2 Command and Control Command-and-control servers, also called C&C or C2, are used by attackers to maintain communications with compromised systems within a target network.
CORBA Common Object Request Broker Architecture Low level layer in RMS communication involved with SEC-MAC Endpoint connectivity.
Connection Request A request constructed for - or constructed by if the parameter is left NULL - the connect functions (NtConnectPort, NtAlpcConnectPort) to be used to establish a connection. Connection requests may have connection details in data (LPC) or in message attributes forms (LPC and ALPC) accompanying them. They are received by the listen functions (NtListenPort, NtAlpcSendWaitReceivePort). Connection Requests have the type LPC_CONNECTION_REQUEST.
Content Control List (CCL) A set of conditions that specify file content, for example, credit or debit card numbers, or bank account details near to other forms of personally identifiable information. There are two types of Content Control List: SophosLabs Content Control List and custom Content Control List.
Content Rule A rule that contains one or more Content Control Lists and specifies the action that is taken if the user attempts to transfer data that matches all the Content Control Lists in the rule to the specified destination.
Controlled Application A non-malicious application that is prevented from running on your computer by your organization’s security policy because it undermines productivity or network performance.
Controlled Data Files that meet data control conditions.
Controlled Device A device that is subject to device control.
Critical level A value that triggers the change of an item’s security status to Critical.
Crossgress rules Rules between subnets on the same UTM (a Sophos Original).
Custom Content Control List A Content Control List that has been created by a Sophos customer. There are two ways to create a custom Content Control List: create a simple list of search terms with a specified search condition, such as any of these terms, or use an advanced Content Control List editor.
Custom rule A rule created by the user to specify the circumstances under which an application is allowed to run.
CET Customer Environment Test All kinds of tests that are not carried out on a test machine but in a customer(-like) environment. See Dogfood and Beta.

D

Abbreviation Name Definition
Dashboard An at-a-glance view of the network’s security status.
Dashboard Event An event in which a dashboard health indicator exceeds critical level. An email alert is generated when a dashboard event occurs.
Data Control A feature created to reduce accidental data loss from workstations. It works by taking action when a workstation user tries to transfer a file that meets criteria defined in the data control policy and rules. For example, when a user attempts to copy a spreadsheet containing a list of customer data to a removable storage device or upload a document marked as confidential into a webmail account, data control will block the transfer, if configured to do so.
DFD Data Flow Diagram A data flow diagram (DFD) is a graphical representation of the flow of data through an information system, modelling its process aspects. A DFD is often used as a preliminary step to create an overview of the system, which can later be elaborated. DFDs can also be used for the visualization of data processing (structured design).
DLP Data Leakage Prevention A Data Loss/Leakage Prevention (DLP) solution is a system that is designed to detect potential data breach / data exfiltration transmissions and prevent them by monitoring, detecting and blocking sensitive data while in-use (endpoint actions), in-motion (network traffic), and at-rest (data storage).
DOBUS Data Out-of-Band Update Service DOBUS™ is a non-internet reliant, resilient, high-availability and trusted managed service that ensures the secure delivery of patches, fixes, and updates to the entire MoD (Ministry of Defence) community.
Data view The view that displays different data depending on the item selected in the tree view.
Database
  1. A collection of information that is organized so that it can easily be accessed, managed, and updated.
  2. The component of the Sophos Enterprise Console that stores details about computers on the network.
Datasheet A single page summary of a Feature or Program, describing key project parameters, burn up charts as well as the Engineering and Software Release Checklists. A Datasheet is usually in the form of an Excel file or Wiki page but may be in other forms.
DROWN Decrypting RSA with Obsolete and Weakened Encryption Decrypting RSA with Obsolete and Weakened eNcryption (DROWN) is a serious vulnerability that affects HTTPS and other services that rely on SSL and TLS, some of the essential cryptographic protocols for Internet security. These protocols allow everyone on the Internet to browse the web, use email, shop online, and send instant messages without third-parties being able to read the communication.
Default sub-estate A sub-estate that has the server root node of the group tree and the Unassigned group as its root. It is displayed by default when you open Enterprise Console for the first time.
DMZ Subnet Demilitarized Zone Subnet A subnet which hosts internet-facing services.
Departmental UTM A UTM focused on delivering services for a specific department.
Deploy To remotely install Sophos endpoint security software using the central console.
Deployment The act of installing security software using the central console.
Description bar A bar in the log viewer which appears above the data view and contains the name of the currently selected item in the tree view.
Destination Unreachable Attack In a Destination Unreachable Attack, forged destination unreachable messages are broadcast in reply to requests for a network resource. This can deny access to a server or network.
DACH Deutschland (Germany), Austria & Switzerland Acronym used for the region of Germany, Austria, and Switzerland.
Device control A feature to reduce accidental data loss from workstations and restrict introduction of software from outside of the network. It works by taking action when a workstation user tries to use an unauthorized storage device or networking device on their workstation.
Devices The collective term for computers, mobile phones and tablets.
DAD Disciplined Agile Delivery Disciplined Agile Delivery (DAD) addresses agile practices across the entire lifecycle, from requirements, architecture, and development to delivery and governance.
DDoS Distributed Denial-of-Service attack DDoS is an attack where multiple compromised systems, which are often infected with a Trojan, are used to target a single system causing a Denial of Service (DoS) attack. Victims of a DDoS attack consist of both the end targeted system and all systems maliciously used and controlled by the hacker in the distributed attack.
Distributed installation When one or more components that make up your management server (Enterprise Console, Sophos Update Manager and Management Server) are installed on more than one server. For example, the database component installed to a dedicated SQL Server computer.
Dogfood In-house activity to test an upcoming product version on Sophos' own systems which are representative of our customers' environment.
Domain A collection of security principals that share a central directory database. The central database is usually maintained by a proprietary Microsoft product or technology, known as Active Directory (AD). A person who uses a computer within a domain receives his or her own unique account, or user name. This account can then be assigned access to resources within the domain to allow central control of rights and permissions.
Domain Controller A server that responds to security authentication requests within the Windows Server domain.
DNS Domain Name System The Domain Name System (DNS) is the phone book of the Internet. It allows computers to translate website names, like http://www.sophos.com, into IP address numbers so that they can communicate with each other.
Domain Name System hijacking A DNS hijacking attack changes a computer’s settings to either ignore DNS or use a DNS server that is controlled by malicious hackers. The attackers can then redirect communication to fraudulent sites. DNS hijacking is commonly used to redirect users to fake login pages for banks and other online services in order to steal their login credentials. It can also be used to redirect security sites to non-existent servers to prevent affected users from updating their security software.
DCI Dynamic Customer Information Dynamic Customer Information (DCI) files are small XML files, one for each active customer username, containing information that SUM uses to work out where to get updates from. The DCI file's name is the MD5 checksum of the username:password.

E

Abbreviation Name Definition
Egress rules Rules which govern traffic from the protected Redux subnet to the rest of Sophos and the internet.
Endpoint (computer) A desktop (workstation) or server computer capable of running endpoint software.
Endpoint (software) A group of security software components which combine to defend an endpoint computer from threats.
EC Engineering Complete The point in a Program at which the team declares that all engineering related activities (Development, QA, Documentation, Translation etc.) are complete.
Epics Clusters of related functionality that can easily be bundled together and expressed simply. Before starting work, epics must be decomposed into stories.
Estate / IT Estate The company IT environment, including computers, network etc.
ETW Event Tracing for Windows Event Tracing for Windows (ETW) provides a mechanism to trace and log events that are raised by user-mode applications and kernel-mode drivers. ETW is implemented in the Windows operating system and provides developers a fast, reliable, and versatile set of event tracing features.
Exclusions Files, drives or processes that are not included in scanning.
Exempt device A device that is explicitly excluded from device control.
Expression / Regular Expression A search string that uses special characters to match a text pattern in a file. Data control uses Perl 5 regular expression syntax.
Extensive scanning Scanning every part of every file.

F

Abbreviation Name Definition
Feature Usually used to refer to an Engineering project to deliver new functionality or modifications to a product, with defined business justification, objectives and success criteria. A Feature may form part of a wider program of work (see Program) or it may be self-contained and delivered in isolation.
FC Feature Complete The point at which the team declares that all new functionality has been successfully developed, integrated and tested, but is not yet ready for release. Remaining work may include Test Passes, System Testing or Dogfood.
File matching rule A rule that specifies the action that is taken if the user attempts to transfer a file with the specified file name or of the specified file type to the specified destination, for example, block the transfer of databases to removable storage devices.
Firewall event A situation that occurs when an unknown application, or the operating system, on one computer tries to communicate with another computer over a network connection in a way that was not specifically requested by the applications running on the other computer.
Firewall policy The settings issued by the management console which the firewall uses to monitor the computer's connection to the internet and other networks.
FCS First Customer Ship The point at which all deployment preparations have been completed, and the completed product is first released to customers.
Fraggle attack A fraggle attack involves the sending of large numbers of UDP echo (ping) messages to IP addresses with a spoofed source address. The supposed source address will then be flooded with large numbers of replies.
FS Functional Specification A document that describes what the behaviour of the software system will be, but without going into the technical details of how that behaviour will be implemented. The functional specification is created by the Engineering team in response to the Product Requirements Document (PRD) in order to describe how the requirements will be fulfilled.

G

Abbreviation Name Definition
General Availability The point at which the product is made available to all customers through their standard update mechanisms.
GES Global Escalation Services Support Escalation team (level 3).
Global rules Rules that are applied to all network connections and applications which do not already have a rule. They take lower priority than the rules set on the LAN page. They also take lower priority than application rules (unless the user specifies otherwise).
Group A group of users or managed computers.
Group A, B, C release This refers to different stages of the Staged release process. Group A is the first group of customers to which software is released. Providing there are no blocking issues reported from the field, the release will then be rolled out to Group B followed by Group C.

H

Abbreviation Name Definition
Hardening Regression testing time between the end of the sprint and the actual production deployment of the latest release.
Health Indicator Generic term for icons depicting security status of a dashboard section or item, or the overall health status of the network.
Hidden process An application sometimes launches a hidden process to perform some network access for it. Malicious applications may use this technique to evade firewalls: they launch a trusted application to access the network rather than doing so themselves.
High-priority global rule A rule that is applied before any other global or application rule.
HIPS Host Intrusion Prevention System A security technology that protects computers from suspicious files, unidentified viruses, and suspicious behavior.
Hotfix A version of a product containing an important bug fix that is made available to specific customers, or specific product lines only.

I

Abbreviation Name Definition
ICMP Internet Control Message Protocol A network-layer internet protocol that provides error correction and other information relevant to IP packet processing.
ICMP Settings Internet Control Message Protocol Settings The settings that specify which types of network management communication are allowed.
IDE Identity File A file that enables Sophos Anti-Virus to detect and disinfect a particular virus, worm, Trojan, or item of spyware. Sophos may release IDEs several times each day. After one month, IDE files are rolled up and included in the virus data. This allows them to be loaded faster.
Ingress rules Rules which govern traffic from all networks external to the referenced UTM.
Instant Messaging A category of controlled applications that includes instant messaging client applications.
Interactive mode The mode in which the firewall asks you what it should do (with a pop-up dialog) when an attempt is made by a program to access the network or internet.
IDPS Intrusion Detection and Prevention Systems Intrusion detection and prevention systems (IDPS) are primarily focused on identifying possible incidents, logging information about them, attempting to stop them, and reporting them to security administrators.
IDS Intrusion Detection System An intrusion detection system (IDS) is a device or software application that monitors network or system activities for malicious activities or policy violations and produces reports to a management station.
IPS Intrusion Prevention Systems Intrusion prevention systems (IPS) monitor network and systems for malicious activity. IPS can log activity information, and also attempt to block activity and report it to network administrators to prevent network infections.
IP spoofing A method of infiltration; done by faking the header of a packet so that the apparent source is not the real source. This hides the address of the sender, and can be used to execute a Denial of Service (DoS) attack on a third party.
IP tunneling IP tunneling (or IP encapsulation) hides an IP datagram within other IP datagrams. This permits datagrams for one IP address to be redirected to another IP address.
Issue Severity Reflects the technical severity of an issue when it occurs, for example typo (4) through to irrecoverable data loss (1). Options are: Critical (1), High (2), Medium (3), Low (4)
IT estate The company IT environment, including computers, network etc.

J

Abbreviation Name Definition
JSON JavaScript Object Notation JavaScript Object Notation (JSON) is a lightweight, text-based, language-independent data interchange format.

K

Abbreviation Name Definition
KBA Knowledge Base Article Articles stored in a Knowledge base; can be anything from how-to articles to notifications.

L

Abbreviation Name Definition
Learning Dialog A dialog box that asks the user to choose whether to allow or block network activity when an unknown application requests network access.
Legacy updating policy An updating policy that existed before the upgrade of Sophos Enterprise Console from version 3.x to version 4.0, and that is still being used after the upgrade until a new updating policy is applied to the group or groups.
LP Live Protection A feature within Sophos Antivirus that gives the endpoint the ability to look up files in real time in order to check if they are malicious.
Lockdown The process of securing a server; securing a server so that no changes can be made.
Log cleanup settings The settings that control when records are deleted.
Log viewer A form where users can view details from the event database, such as connections that have been allowed or blocked, the system log and any alerts that have been raised.
Low delta (warehouse) A low delta warehouse contains a frozen version of a package, for example Endpoint Security and Control 10.2, that receives only threat engine and IDE updates for its entire lifetime, barring any vulnerabilities we might find.

M

Abbreviation Name Definition
Malicious traffic Communications with a remote server that may attempt to take control of the computer.
MTD Malicious Traffic Detection Sophos Malicious Traffic Detection is a component that will monitor HTTP traffic for signs of connectivity to known bad URLs such as Command and Control servers. If this traffic is detected then it is an early indicator that a new piece of malware may be present and as such can aid in the detection and collection of samples to enable the Sophos Labs to write specific detection.
MITM, MitM, MIM, MiM or MITMA Man in the middle attack / man-in-the-middle attack In cryptography and computer security, a man-in-the-middle attack is an attack where the attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other.
Managed computer A computer that has Remote Management System (RMS) installed and on which the central Sophos console can report and install and update software.
Management console The central console which is a graphical user interface (GUI) component that enables you to protect and manage computers. For Enterprise Console, it may not be the same server that has the management server component installed.
Management server The central server that handles updating and communications with networked computers. For Enterprise Console, it may not be the same server that has the management console component installed.
Match Equal the content that is defined in a Content Control List.
Maximum count The maximum number of matches for a regular expression that can be counted towards the total score.
Member server A server computer that belongs to a domain, and is not a domain controller.
Message Queue A port's container holding messages waiting to be processed (received).
MessageId Unique identifier for a message in the system. It is given to a request before it's sent (NtRequestPort, NtRequestWaitReplyPort, NtAlpcSendWaitReceivePort) and is used throughout a conversation.
MDM Mobile Device Management The Sophos component that provides management features like corporate email access, Lock, Wipe, Locate.
MTR Managed Threat Response Sophos Managed Threat Response (MTR) provides 24/7 threat hunting, detection, and response. It is delivered by an expert team as a fully-managed service.

N

Abbreviation Name Definition
NSG Network Security Group Sophos Network Security Group is formerly Astaro.
NFRD Non-functional Requirements Document A document describing one or more non-functional or technical requirements for a product, such as localization requirements, supported OS platforms, performance, scalability.
Non-interactive mode The Sophos Client Firewall works in two modes. In non-interactive mode the firewall deals with traffic automatically using your rules. You must set these rules manually, or in interactive mode, before using non-interactive mode.
NEEMEA Northern (Nordics) and Eastern Europe, the Middle East & Africa Northern (Nordics) meaning Northern Europe. Used by Sophos when discussing regions.

O

Abbreviation Name Definition
On-access scan A scan that intercepts files as they are accessed (copied, moved, saved, or opened), and grants access to the files only if they do not pose a threat to your computer or are authorized for use.
On-demand scan A scan that you initiate. An on-demand scan can be used to scan anything from a single file to an entire computer.

P

Abbreviation Name Definition
Painful Second highest level of bug severity (2). Painful is when:

  • There is a defect in functionality with a painful workaround.
  • Produces data or results that are misleading to the user.
  • There is performance degradation that is acceptable but does not meet stated requirements.
Phase Stages into which a Feature or Program is subdivided, often with defined entry/exit criteria and deliverables.
Phase 1 The Concept phase in the 4 phase Engineering framework. In this phase the business case and rough estimates (costs) are assessed to decide whether there is sufficient justification to proceed.
Phase 2 The Planning phase in the 4 phase Engineering framework. In this phase the baseline scope is established and the project plan is established. Required resources are committed and the costs that the team will be incurring are defined.
Phase 3 The Implementation (Development and Testing) phase in the 4 phase Engineering framework. In this phase the agreed product functionality is developed and tested.
Phase 4 The Deployment phase in the 4 phase Engineering framework. In this phase deployment of the product is carried out so that it is available for installation on customer production sites.
Pod Small group of engineers (developer + QA) working together to complete a set of stories in a given Sprint. The team is self-organizing and empowered to do what it takes to meet their criteria. They work cooperatively with their Product Owner to negotiate story requirements and make sure the story is completed with high quality.
Policy A group of settings applied to a group or groups of computers defined in the Sophos Enterprise Console.
Polish Lowest level of bug severity (4). Polish is when:

  • There is a minor cosmetic issue.
  • There is an easy workaround.
  • There is functionality that is not intuitive.
PUA Potentially Unwanted Application A potentially unwanted application is an application that is not inherently malicious but is generally considered unsuitable for the majority of business networks.
Pricelist Effective Date This refers to the date when most of the changes included on the price list become effective. Note that the price list often includes changes with different effective dates. These dates are always indicated in the SKU tab in the Pricelist.
Pricelist Release Date This refers to the date when the Price List is published on Sophos.net; the partner portal release date typically trails the release date by a week, but that may vary by region.
Primary configuration The firewall configuration used for the corporate network that the user connects to for their day-to-day business.
Process settings The settings that specify whether modified or hidden processes should be allowed network access.
Product Owner Person responsible for developing stories, prioritizing them, creating acceptance criteria, and negotiating with the pods for a given area of the product.
PRD Product Requirements Document A document describing one or more business or marketing requirements for new functionality / features of a product that is to be delivered by the engineering team.
Program An engineering program is the activity to co-ordinate the development and delivery of multiple Features, including tracking progress, managing common milestones, risks and inter-dependencies between Features.
Project Inception The process by which the business takes an idea and really examines what the proposal is, why we are doing it, and why it is worth time for the business that the project be taken on by engineering.
Protect See Deployment.

Q

Abbreviation Name Definition
Quantity The volume of the Content Control List key data type that must be found in a file before the Content Control List is matched.
Quantity key The key type of data defined in a Content Control List, to which the quantity setting is applied. For example, for a Content Control List containing credit or debit card numbers, the quantity specifies how many credit or debit card numbers must be found in a file before the Content Control List is matched.
QM Quarantine Manager The module that enables you to view and deal with items that have been quarantined.

R

Abbreviation Name Definition
Raw Socket Raw socket, or rawsocket, is a network term for a communication process that gives access to the headers on incoming and outgoing packets. This can enable IP address spoofing.
Real-time protection Sophos Feature/process: Scans files as users attempt to access them, and denies access unless the file is clean.
Redux Subnet A subnet protected by a UTM, in the Protected group on the UTM. This is also known as a Redux segment.
Region The scope of a SophosLabs Content Control List. The region either specifies the country the Content Control List applies to (for country-specific Content Control Lists) or shows global (for global Content Control Lists that apply to all countries).
Regular expression A search string that uses special characters to match a text pattern in a file. Data control uses Perl 5 regular expression syntax.
Release Sequencing Laying out the epics over the next several sprints in order to coordinate, between different product owners and pods, which work will be done when.
RMS Remote Management System A component of Sophos Endpoint Security and Control that is responsible for sending and receiving messages from the central console or Message Relay server.
Reply (LPC and ALPC Research) A message that is sent to answer a request or another reply. Replies already have a MessageId. Replies have the type LPC_REPLY.
Request (LPC and ALPC Research) A message that has no 'conversation history' and has a MessageId of 0 when sent. Requests have the type LPC_REQUEST.
Role-based administration Allows full administration of the Enterprise Console to delegate and limit control to other users. For more information see Best practice: designing sub-estates and role-based administration.

S

Abbreviation Name Definition
SafeGuard Enterprise SafeGuard Enterprise is a modular information protection control platform that enforces policy-based security for PCs and mobile devices across mixed environments. It is fully transparent to end-users and is easy to administer from a single central console. SafeGuard Enterprise provides multi-layered endpoint data security by combining encryption and data leakage prevention (DLP). Its modular architecture provides comprehensive data security tailored to your organization's needs and growth requirements.
Score The number that is added to the total score for a Content Control List when a regular expression is matched.
Scrum Master The leader of a pod from a project management perspective. Scrum masters are not necessarily technical leaders - frequently, QA engineers make the best Scrum masters. The job of the scrum master is to know what is going on with the pod members at any given moment, and to prioritize helping pod members when they are blocked. Scrum masters are also there to keep the pod moving along within the defined process and remind members when they are drifting out of process.
Scrum of Scrums A quick, frequent (typically daily) meeting between a representative of each of the pods and the Product Scrum Master. They report on the status of their pod in summary instead of presenting individual achievements. This keeps all of the pods in sync with what the others are doing.
Secondary configuration The firewall configuration used when users are not connected to the main corporate network, but to another network such as a hotel or airport wireless network or another corporate network.
Section A unit of memory that can be shared. A process can use a section object to share parts of its memory address space (memory sections) with other processes. Section objects also provide the mechanism by which a process can map a file into its memory address space.
Section View A view of a section is a part of the section that is actually visible to a process. The act of creating a view for a section is known as mapping a view of the section. Each process that is manipulating the contents of a section has its own view; a process can also have multiple views (to the same or different sections).
SDL Security Description Language SDL is a new generation of VDL for describing threats, expressing Labs business logic, and providing a uniform way of interacting with monitoring and enforcement points to implement Best Protection.
Segment owner The virtual team who owns the service(s) delivered by the segment.
Server root node The topmost node of the group tree in the Groups pane, which includes the Unassigned group.
SSE Server-Sent Events Server-sent events is a technology where a browser receives automatic updates from a server via HTTP connection. The Server-Sent Events EventSource API is standardized as part of HTML5 by the W3C.
Soft Release The completed product is made available via FTP for manual download and installation by customers. This step applies specifically to UTM product releases.
Sophos (Ltd) More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing complete security solutions that are simple to deploy, manage, and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, mobile and network security solutions backed by SophosLabs - a global network of threat intelligence centers. Sophos is headquartered in Boston, US and Oxford, UK. More information is available at http://www.sophos.com.
SCP Sophos Client Protection Sophos Client Protection consists of Sophos Anti-Virus and the Sophos Client Firewall.
SCC Sophos Control Center A graphical viewer that connects to the Sophos Management Service and allows an administrator to view, manage and control Sophos Endpoint Security software. Designed for small businesses with up to approximately 100 computers.
SEC Sophos Enterprise Console The software used to install and manage Sophos products on networked computers.
SED Sophos Endpoint Defense This feature is focused on preventing undesired actions by administrators, for example stopping services and killing processes.
SEM Sophos Enterprise Manager A graphical viewer that connects to the Sophos Management Service and allows an administrator to view, manage and control Sophos Endpoint Security software. Enterprise Manager is a cut-down version of Enterprise Console with restrictions on: endpoint policies (type and number allowed); available downloadable packages; installation design (no distributed installation; no RBA); plus other limitations.
SUM Sophos Update Manager A program that downloads Sophos security software and updates from Sophos or another update server to shared update locations.
Sophos-defined rule A rule that has been provided by Sophos as an example. Sophos-defined rules are not updated by Sophos.
SophosLabs Content Control List A Content Control List that has been provided and is managed by Sophos. Sophos can update SophosLabs Content Control Lists or create new Content Control Lists and make them available in Enterprise Console. The contents of SophosLabs Content Control Lists cannot be edited. However, the quantity can be set for each such Content Control List.
Spike A larger investigative task that is used to research, prototype, and document conclusions that will be used as input into developing new stories or estimating existing stories. Spikes should never produce shippable code.
Sprint Framework for a short iteration of software development, containing all phases of software development from requirements gathering, design, coding, and testing. The results of a Sprint should be releasable.
Staged Release An approach to releasing a product to groups of customers in defined Stages. At each Stage of the release, issues reported from customers are assessed, and the release only proceeds to the next Stage once any issues are understood and deemed acceptable. Customers are generally separated into Groups according to how risk averse or critical to the business they are, with more risk-averse customers receiving the release at later Stages.
Standup A quick, frequent (typically daily) meeting between pod members that asks each individual:

  • What they accomplished yesterday (if this didn't line up with yesterday's plan, why not)
  • What they plan to accomplish today
  • If they need any help/are blocked by anything
Stateful inspection Packet checking technology that allows the rule to query not just the source and destination of a packet, but whether the packet was part of an earlier communication. Stateful inspection can help to avoid threats from IP spoofing. It can also streamline the filtering process, as packets do not have to be re-checked by your rules.
Story An expression of a feature requirement broken into a small chunk that can be addressed by a small team (Pod) during a Sprint cycle.
Sub-estate A named part of the IT estate, containing a subset of the computers and groups.
Sub-estate administration A feature that restricts the computers and groups that are available to perform operations on.
Suspicious behavior detection Dynamic analysis of the behavior of all programs running on the system in order to detect and block activity which appears to be malicious.
SWAG High-level estimate (can be timescales, costs, or resources) carried out without detailed analysis.
Synchronization interval The period after which a synchronization point in Enterprise Console is synchronized with the selected Active Directory container.
Synchronization point (for an Active Directory tree) A Sophos Enterprise Console group into which the contents of a selected Active Directory container (groups and computers or groups only) will be added for synchronization, their structure preserved.
Synchronization with Active Directory A one-way synchronization of Sophos Enterprise Console group(s) with Active Directory organizational units, or containers.
System Administrator A pre-configured role that has full rights to manage Sophos security software on the network and roles in Enterprise Console. The System Administrator role cannot be deleted or have its rights or name changed, and the Sophos Full Administrators Windows group cannot be removed from it. Other users and groups can be added to or removed from the role.
System Test Complete All test cases that have been planned to be executed during system testing have been successfully run.
System Testing Testing on a complete integrated software system to assess whether it complies with its requirements.

T

Abbreviation Name Definition
Tag A descriptor applied to a SophosLabs Content Control List to identify the contents or scope of the Content Control List. There are three types of tag: type, regulation, and region.
Tamper protection A feature that prevents known malware and unauthorized users (local administrators and users with limited technical knowledge) from uninstalling Sophos security software or disabling it.
Task A story gets broken down into logical atomic units (Tasks) that can be split up among pod members for implementation. A story cannot be marked complete until all tasks have been addressed.
TP Technical Preview An early version of software that is made available to allow customers to access upcoming new functionality that is still under development and provide early feedback.
Test Pass A deterministic exercise whereby the full set of test cases (both automated and manual) that have been planned for the feature are executed. This is carried out after a feature is declared Feature Complete but before it can be declared Code Complete. Typically 3 Test Passes are planned with defect fixing in between each Test Pass.
Test Plan A test plan is a document describing the scope, approach, and objectives of software testing. It identifies which functionality will be tested, the series of tests (test cases) that will be executed, and the pass/fail criteria for those tests.
Test Schedule Describes the feature-wise timeline for verification and the resources being used for verification in every test cycle.
Test Strategy An outline document describing the approach to testing that will be adopted by the team and which will guide the design of the tests and test systems.
Theme High-level goal expressed broadly and used as shorthand for describing a set of features before detailed definition work has been done. From themes, we produce several related epics.
Threat detection engine / threat engine The threat detection engine provides the ability to analyze computer files to determine the format of the files, and provides an environment in which to run IDEs. Each new release of the engine is given a version number. This was previously known as the virus engine.
Total Score The sum of the scores for a Content Control List, according to the content that has been matched.
Tree View The view that controls what data the log viewer displays in its data view.
Trigger score The number of times a regular expression must be matched before a Content Control List is matched.
True file type The file type that is ascertained by analyzing the structure of a file as opposed to the filename extension. This is a more reliable method.
Type The criteria according to which SophosLabs Content Control Lists are classified, for example, a Content Control List defining passport details, postal addresses, or email addresses belongs to the Personally Identifiable Information type.

U

Abbreviation Name Definition
UTM Unified Threat Management A category of security appliances which integrates a range of security features into a single appliance.
Unusable Highest level of bug severity. Unusable is when:

  • The defect causes data loss, corruption, or distortion.
  • The system is not functional.
  • There is no workaround.
  • There is incorrect functionality, which could cause an incorrect business decision to be made.
  • There is considerable performance degradation.
  • There is a possibility for significant monetary loss.
UCD Use Case Diagram A use case diagram at its simplest is a representation of a user's interaction with the system that shows the relationship between the user and the different use cases in which the user is involved.
UAC User Account Control User Account Control is a security component that was introduced with Microsoft's Windows Vista and Windows Server 2008 operating systems and allows an administrator to enter credentials during a non-administrator's user session to perform occasional administrative tasks.
Utilization Saturation and Errors The Utilization Saturation and Errors (USE) Method is a methodology for analyzing the performance of any system. It directs the construction of a checklist, which for server analysis can be used for quickly identifying resource bottlenecks or errors.

V

Abbreviation Name Definition
Virus data files (also known as Detection data or Threat data files) Virus data is the name given to the group of files (largely written in VDL) that are used by the threat detection engine and include .IDEs, .VDBs, and some xml files. Virus (threat) data files are loaded into memory (RAM) and used by the threat detection engine. In Sophos Anti-Virus for Windows the virus data mainly consists of the following files: C:\Program Files (x86)\Sophos\Sophos Anti-Virus\vdl*.* (depending on the version of Windows).
VDL Virus Description Language Sophos's proprietary computer programming language, written specifically to define the process required to identify and clean up computer malware. It is also used for detecting items such as PUAs and in Application Control. Virus identities are written in VDL by the expert analysts in SophosLabs.
IDE Virus identity file A file that enables Sophos Anti-Virus to detect and disinfect a particular virus, worm, Trojan, or item of spyware. See also: Identity File.
VoIP Voice over IP A category of controlled applications that includes Voice over IP client applications.

W

Abbreviation Name Definition
Warehouse A warehouse is a store of programs and data published by Sophos. Warehouses are stored in a repository, which is a particular location on a server. One repository can contain multiple warehouses.
Web Control A feature that allows you to set and enforce web access policies for your organization, and to view reports on web browsing usage.
Web Gateway Protects your network against risky or inappropriate web browsing. It can also prevent loss of confidential data, trust certain networks, and report on all your users’ web browsing.
WE Western Europe A term used by Sophos when discussing regions. Western Europe specifically means France, Spain, Italy, Portugal, and Benelux.
WAN Wide Area Network The network which connects UTMs. This is also known as Redux transit network. This is currently shared with Green.
Windows Firewall Windows Firewall is a software component of Microsoft Windows that provides firewall and packet filtering functions: it checks network traffic and then either blocks it or allows it to pass through to your computer. For more information see: Windows Firewall: frequently asked questions.
Working mode The setting that determines whether the firewall applies actions with input from the user (interactive mode) or automatically (the non-interactive modes).
Workgroup A workgroup is Microsoft's terminology for a peer-to-peer Windows computer network. For a comparison of a Workgroup to a domain network see Microsoft TechNet: Workgroups compared with domains.