application
An application is a piece of software, for example, Microsoft Word.
application virtualization
Application virtualization is the encapsulation of an application, separating it from the underlying operating system on which it is executed. At runtime the application is tricked into acting as if it were directly interfacing with the original operating system and all the resources managed by it, but in reality it is not.
centrally managed environment
A centrally managed environment is one where the remote control domain manager controls the host settings through computer policies, global address book (GAB) items, licensing of the host agent on the domain, and user permissions. This is the default setting for CA Client Automation.
centrally managed host environment
A centrally managed host environment is one where either a remote control enterprise or domain manager is responsible for the configuration of the hosts and the authentication of viewer connections. It also manages the address book that users use to find hosts.
Common Configuration Enumeration (CCE)
Common Configuration Enumeration (CCE) is one of the SCAP standards. It contains Standard identifiers and dictionary for system configuration issues related to security. A rule definition in an SCAP data stream can contain references to one or more CCE identifiers, indicating that the rule is a representation of a specific CCE configuration guidance statement or configuration control. For more information, go to http://cce.mitre.org/.
Common Platform Enumeration (CPE)
Common Platform Enumeration (CPE) is one of the SCAP standards. It contains standard identifiers and dictionary for platform or product naming. For example, some elements in XCCDF files can be restricted to only apply to certain platforms and this is done using CPE identifiers. For more information, go to http://cpe.mitre.org/.
Common Vulnerabilities and Exposures (CVE)
Common Vulnerabilities and Exposures (CVE) is a dictionary of common names (that is, CVE Identifiers) for publicly known information security vulnerabilities. These identifiers make it easier to share data across separate network security databases and tools. CVE is one of the components used in SCAP. See http://cve.mitre.org/ for details.
Common Vulnerability Scoring System (CVSS)
Common Vulnerability Scoring System (CVSS) is one of the SCAP standards. It contains standards for conveying and scoring the impact of vulnerabilities. For more information, go to http://www.first.org/cvss/index.html.
configuration view
A configuration view is a customized Windows-only user interface that lets you edit configuration policies that are related to specific components or functionality. Configuration views summarize the relevant policies for a component or function independent of where they are actually located in the hierarchy and the DSM Explorer tree.
connectors
connectors are the links from products that consume connector data to external products, or domain managers. Each connector retrieves information from its domain manager and transmits the information through the connector framework to the consuming product for visualization and analysis. Connectors can also enact inbound operations on data in the source domain manager, such as object creation. connectors use a unified connector framework to enable integration with multiple consuming products.
desktop recompose
Desktop recompose is the process of assigning a new golden template to the virtual desktop. Operating systems and applications have to be maintained during their lifetime to fix problems resolved by hot fixes or service packs or to provide new features by new versions. For linked clones, this means the master image, or golden template, has to be updated. Once the updates are completed, the linked clone is recomposed and becomes active. During the recompose operation the related linked clones are linked to this new golden template and are refreshed.
desktop refresh
Desktop refresh is the process of resetting the virtual desktop to its original state. Linked clones track changes to the virtual machine with the clone. To control the storage allocations with the clone, VMware View offers the refresh operation that resets the clone to its baseline and releases all deltas provided for tracking changes. This means that all information stored to the system drive since the creation of clone or its last refresh or recompose is lost. Unlike desktop recompose, the same golden template continues to be used as before the refresh operation.
eXtensible Configuration Checklist Description Format (XCCDF)
eXtensible Configuration Checklist Description Format (XCCDF) is a specification language for writing security checklists, benchmarks, and related kinds of documents. An XCCDF document represents a structured collection of security configuration rules for some set of target computers. The specification is designed to support information interchange, document generation, organizational and situational tailoring, automated compliance testing, and compliance scoring. For more information, go to http://nvd.nist.gov/xccdf.cfm.
Federal Information Processing Standard (FIPS)
Federal Information Processing Standard (FIPS) is a security standard that is issued and approved by NIST. It specifies the security requirements that must be satisfied by a cryptographic module utilized within a security system protecting sensitive but unclassified information.
FIPS-certified cryptography module
FIPS-certified cryptography module refer to RSA CryptoC BSAFE module, which is FIPS 140-2 certified.
FIPS-Compliant Cryptography
FIPS-compliant cryptography refers to the use of FIPS 140-2 certified modules, FIPS-approved, and FIPS-allowed techniques and algorithms for cryptography.
FIPS-only
FIPS-only is a mode of operation for Client Automation wherein only FIPS-compliant cryptography is allowed. In this mode, Client Automation is not backward compatible with the previous releases of Client Automation.
FIPS-preferred
FIPS-preferred is a mode of operation for Client Automation wherein bulk of cryptographic operations are FIPS‑compliant, leaving few encryptions in legacy format. In this mode, Client Automation is backward‑compatible with the previous releases of Client Automation.
golden template
In Client Automation terminology, the golden template is the virtual machine from which virtual desktops are cloned.
guest
A guest in generic platform virtualization terminology is the virtual machine and the guest operating system.
guest operating system
The guest operating system is the operating system running inside a virtual machine.
health monitoring
Health Monitoring (HM) functionality lets you configure alerts, set threshold values, and monitor the overall health of the Client Automation infrastructure.
host
A host in generic platform virtualization terminology is the physical machine, the host operating system, and the hypervisor.
host cluster
The host cluster is the aggregate computing and memory resources of a group of hosts sharing some or all of the same network and storage.
host operating system
The host operating system is the operating system running on a physical machine.
hosted virtual environment
A hosted virtual environment is the virtualization software that runs on top of a host operating system, that is, the physical machine, host OS, and the hypervisor.
hypervisor
The hypervisor is the virtualization software layer simulating physical hardware on behalf of the guest operating system. This term is synonymous with Virtual Machine Monitor (VMM).
instance software state database
The instance software state database is a part of the software state database that contains the history of all software jobs executed by the agent running on a non-golden template system, that is, any clones of the golden template.
linked clones
In VMware View, linked clones of a master or golden image only refer to the master or golden image but do not include it. Changes to the system during user sessions are not stored to the master image but are kept in delta files with the clone.
location awareness
Location Awareness lets DSM Agent on a computer detect the location of the computer.
master target device
In Citrix XenDesktop, a master target device is the base desktop with the OS and required set of applications from which a vDisk is generated.
master vDisk
In Citrix XenDesktop, a master vDisk is the initial vDisk generated from the golden template machine.
MITRE
The MITRE Corporation is a not-for-profit organization chartered to work in the public interest. MITRE offers the interpreters, source code, schemas, and data files at no cost so that individuals and organizations can build and expand upon them. Ovaldi is one such interpreter that is freely available.
National Institute of Standards and Technology (NIST)
National Institute of Standards and Technology (NIST) is a non-regulatory federal agency within the U.S. Department of Commerce. NIST's mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life. The United States (U.S.) National Vulnerability Database (NVD), operated by the NIST, provides a repository and data feeds of content that utilize the SCAP standards. It is also the repository for certain official SCAP standards data. Thus, NIST defines open standards within the SCAP context and defines the mappings between the SCAP enumeration standards.
native virtual environment
A native virtual environment is the virtualization software that runs directly on the physical machine, becoming or acting as a host operating system (often minimal), that is, the physical machine and the hypervisor. A synonymous term is "bare metal environment."
non-linked clones
In VMware View, non-linked clones, or full clones, are full copies of a master or golden image. The clone includes a copy of the image and all changes to the system during user sessions are stored to this copy.
nonpersistent clones
Nonpersistent clones are virtual desktops from the nonpersistent pool of VMware View user data that are transient out-of-the-box. Once a user logs off, the clone is refreshed and all user data at the system disk are lost.
nonpersistent linked clone virtual desktop
A nonpersistent linked clone virtual desktop is a virtual machine that is refreshed or recomposed every time the user logs on, with no persistence for custom installed applications, personalization, and so on.
offline patching
Offline Patching lets you export the patch content and patch files remotely and import to the Client Automation environment using CA Patch Manager without accessing Internet.
Offline RAC
Offline RAC is a reinstall after crash (RAC) task that is driven by the agent rather than by the manager. Virtual desktops are recomposed frequently, that is, whenever the golden template is updated and the disk is reset, any changes to the virtual desktop since the previous reset are effectively voided. For virtual desktops, the agent and not the manager is responsible for the creation of the RAC job container. When the disk reset occurs, the agent initiates an Offline RAC to restore any software that has been deployed to the agent.
Open Vulnerability and Assessment Language (OVAL)
Open Vulnerability and Assessment Language (OVAL) is one of the SCAP standards. It contains standard XML for testing procedures for security related software flaws, configuration issues, and patches as well as for reporting the results of the tests. All the rule checks in the checklists take the form of references to OVAL definitions contained in OVAL files from the SCAP data stream. For more information, go to http://oval.mitre.org/.
Ovaldi
Ovaldi is an OVAL Interpreter developed by the MITRE Corporation. It is a freely available reference implementation created to show how information can be collected from a computer for testing to evaluate and carry out the OVAL definitions for that platform, and to report the results of the tests. The interpreter demonstrates the usability of OVAL Definitions and ensures correct syntax and adherence to the OVAL Schemas.
package format
The package format is a property of a software package. Formats include regular and virtual.
package type
The package type is a property of a software package. Current types include Generic, MSI, SXP, PIF, and PKG. Package type is not used or altered for the purpose of supporting virtual application packages.
partition
A partition is an isolated instance of a host operating system. Partitions do not usually use guest operating systems because they all share the host’s operating system.
partitioned virtual environment
A partitioned virtual environment is one where multiple instances of the host operating system can run in isolation on the same physical machine. This is not strictly a virtualization technology, but is used to solve the same type of problems.
persistent clones
Persistent clones are virtual desktops from the persistent pool that survive as they are after the user has logged off until they are refreshed or recomposed. VMware View offers out-of the box separate devices for system and user data with the persistent clones. Information stored to the user data device survives any refresh or recompose action while changes to the system disk are lost.
persistent linked clone virtual desktop
A persistent linked clone virtual desktop is a virtual machine that is dedicated to a specific user, and the user can request specific software to be added, customize settings, and so on. At each logon the user’s customized environment is restored. This persists until the virtual desktop is refreshed or recomposed. At that point, all the software products installed on system drive are lost.
persistent non-linked clone virtual desktop
A persistent non-linked clone virtual desktop is a virtual machine that is dedicated to a specific user and is presented to that user at each logon with their custom installed applications, user settings, data, and so on.
platform virtualization
Platform virtualization is the encapsulation of computers or operating systems, hiding their physical characteristics from users and emulating the computing platform at runtime.
provisioned application
A provisioned application is an application (regular or virtual) that has been made available for execution on a target computer. The application need not be "installed" locally in order to treat it as provisioned.
regular application
A regular application is application software that has not been virtualized and can be installed and executed in a traditional fashion. When talking about releases, patches, and suites, regular applications are implied.
Replication
Replication is an engine task to perform the data replication from Domain Manager to Enterprise Manager and Enterprise Manager to Domain Manager.
sandbox
A sandbox is an application runtime environment that isolates the application from the computer's operating system and resources and also from other applications on the computer. The degree of isolation is usually set to allow the application some access to the operating system resources, such as the documents folder.
scalability server
A scalability server is the central server to enable geographical scalability for management tasks. It is a distributed process that is the primary interface for agents.
SCAP data stream
SCAP data stream consists of security checklist data represented in automated XML formats, vulnerability and product name related enumerations, and mappings between the enumerations. An SCAP data stream consists of the XML following files:
schema map
A schema map is a mapping of the attribute names associated with data objects, such as users, computers, and groups, used in an external directory to those attribute names used by corresponding Client Automation objects. The fixed and standard set of DSM attribute names is used for querying directories and for formulating complex queries and reports.
Security Content Automation Protocol (SCAP)
The Security Content Automation Protocol (SCAP), pronounced "S Cap", is a method for using the standards such as XCCDF, CCE, CVE, CVSS, CPE, and OVAL to enable automated vulnerability management, measurement, and policy compliance evaluation (e.g., FISMA compliance). More specifically, SCAP is a suite of selected open standards that enumerate software flaws, security related configuration issues, and product names; measure systems to determine the presence of vulnerabilities; and provide mechanisms to rank (score) the results of these measurements in order to evaluate the impact of the discovered security issues. SCAP defines how these standards are combined. The National Vulnerability Database provides a repository and data feeds of content that use the SCAP standards. For more information, go to http://nvd.nist.gov/.
software signature
A software signature defines the attributes of a software application, such as the main executable file name, other associated files, size range, version range, creation, and modification dates of the software. All these attributes of a software signature uniquely identify a software application. Software signatures in asset management are created as software definitions. You can create software definitions for a product, release, patch, suite, suite component, or virtual application image. By default, asset management provides predefined software signatures covering the most widely used software in the IT industry.
software type
The software type is a property of a software definition. Current types include suite, product, release, patch, and virtual application image.
staged virtual application image
A staged virtual application image is a virtual application image that has been discovered in the file system of a computer.
stand-alone environment
A stand-alone environment is one where the users of the host and viewer computers locally manage all settings, properties, and licensing of the Client Automation remote control component. It is set by a Standalone Agent installation. To install it manually, the RC agent setup needs to be called directly.
standalone virtual application
A standalone virtual application is a virtual application that has been provisioned in a way where the virtual application image used as the source resides on the system to which it has been provisioned.
streamed virtual application
A streamed virtual application is a virtual application that has been provisioned in a way where the virtual application image used as the source resides on a remote system that is different from the system to which it has been provisioned.
streamed virtual application image
A streamed virtual application image is a virtual application image that has been discovered to be accessible through the network from a computer. Discovery of streamed virtual application images will usually only be possible if the virtual applications residing inside of the image have been provisioned.
vDisk
In Citrix XenDesktop, a vDisk, or virtual disk, is basically an image file with the OS and the required set of applications.
virtual application (VA)
A virtual application is software that has been virtualized.
virtual application image
A virtual application image contains one or more virtual applications stored inside a file, possibly with a set of supporting metadata files.
virtual application image definition
A virtual application image definition describes the "footprint" for discovering a virtual application image. To discover an image containing one or more included virtual applications (stored inside), regular software signatures must be associated with the virtual application image definition.
virtual application package (VAP)
A virtual application image packaged inside of one or more software delivery packages is referred to as a virtual application package. These packages are used to provision computers with virtual applications.
virtual application staging package
A virtual application staging package is a virtual application package used to stage the virtual application image.
virtual application standalone package
A virtual application standalone package is a virtual application package used to provision a virtual application in standalone mode.
virtual application streaming package
A virtual application streaming package is a virtual application package used to provision a virtual application in streaming mode.
virtual disk
A virtual disk is a set of files that forms a file system that appears as a physical disk to the guest operating system.
virtual image
A virtual image is a file or set of of files containing the complete definition of a virtual machine, including its hardware specifications and virtual disks. It is the host’s file system representation of a guest. A virtual image can be online or offline depending on the running state of the virtual machine it captures.
virtual machine (VM)
A virtual machine is an isolated virtualized environment simulating a physical machine. The virtual machine does by definition not include the guest operating system.
virtual patch
A virtual patch is the virtual equivalent of a regular patch and has the same basic meaning. The term is used when reporting software inventory for virtual applications (not virtual application images).
virtual release
A virtual release is the virtual equivalent of the regular release and has the same basic meaning. The term is used when reporting software inventory for virtual applications (not virtual application images). Note that a provisioned virtual application can use either a staged or streamed virtual application image as source. The virtual applications contained within the virtual application image can themselves be seen as staged but not yet provisioned.
XCCDF profile
An XCCDF profile is a policy that is applied to the target computer or compared to the configuration of the target computer. The XCCDF file for each SCAP data stream defines the list of profiles supported. The XCCDF file must have at least one XCCDF profile, which specifies the rules to be used for checking a particular type of system. You can create separate XCCDF profiles for each applicable operational environment in which a system may be deployed.
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|