202-10098-01, April 2005
Glossary
List of Glossary Terms
Use the list below to find definitions for technical terms used in this manual.
Numeric
10BASE-T
IEEE 802.3 specification for 10 Mbps Ethernet over twisted pair wiring.
100BASE-Tx
IEEE 802.3 specification for 100 Mbps Ethernet over twisted pair wiring.
802.1x
802.1x defines port-based, network access control used to provide authenticated network access and
automated data encryption key management. The IEEE 802.1x draft standard offers an effective framework
for authenticating and controlling user traffic to a protected network, as well as dynamically varying
encryption keys. 802.1x uses a protocol called EAP (Extensible Authentication Protocol) and supports
multiple authentication methods, such as token cards, Kerberos, one-time passwords, certificates, and public
key authentication. For details on EAP specifically, refer to IETF's RFC 2284.
A
Access Control List (ACL)
An ACL is a database that an Operating System uses to track each user’s access rights to system objects
(such as file directories and/or files).
ADSL
Short for asymmetric digital subscriber line, a technology that allows data to be sent over existing copper
telephone lines at data rates from 1.5 to 9 Mbps when receiving data (known as the downstream rate) and
from 16 to 640 Kbps when sending data (known as the upstream rate). ADSL requires a special ADSL
modem. ADSL is growing in popularity as more areas around the world gain access.
Reference Manual for the ProSafe VPN Firewall FVS114
AES
AES stands for Advanced Encryption Standard. AES is a symmetric key encryption technique that will
replace the commonly used Data Encryption Standard (DES). Not only does AES provide more security
than DES and 3DES, it also has better performance, making AES highly attractive for use in constrained
environments.
It was the result of a worldwide call for submissions of encryption algorithms issued by the US
Government's National Institute of Standards and Technology (NIST) in 1997 and completed in 2000.
AES provides strong encryption and has been selected by NIST as a Federal Information Processing
Standard in November 2001 (FIPS-197). The U.S. Government (NSA) announced that AES is secure
enough to protect classified information up to the top secret level, which is the highest security level and
defined as information which would cause "exceptionally grave damage" to national security if disclosed to
the public.
The AES algorithm uses one of three cipher key strengths: a 128-, 192-, or 256-bit encryption key
(password). Each encryption key size causes the algorithm to behave slightly differently, so the increasing
key sizes not only offer a larger number of bits with which you can scramble the data, but also increase the
complexity of the cipher algorithm.
ARP
Address Resolution Protocol, a TCP/IP protocol used to convert an IP address into a physical address (called
a DLC address), such as an Ethernet address. A host wishing to obtain a physical address broadcasts an ARP
request onto the TCP/IP network. The host on the network that has the IP address in the request then replies
with its physical hardware address. There is also Reverse ARP (RARP) which can be used by a host to
discover its IP address. In this case, the host broadcasts its physical address and a RARP server replies with
the host's IP address.
Auto Uplink
Auto Uplink™ technology (also called MDI/MDIX) eliminates the need to worry about crossover vs.
straight-through Ethernet cables. Auto Uplink™ will accommodate either type of cable to make the right
connection.
B
Bandwidth
The information capacity, measured in bits per second, that a channel could transmit. Bandwidth examples
include 10 Mbps for Ethernet, 100 Mbps for Fast Ethernet, and 1000 Mbps (1 Gbps) for Gigabit Ethernet.
Baud
The signaling rate of a line, that is, the number of transitions (voltage or frequency changes) made per
second. Also known as line speed.
Broadcast
A packet sent to all devices on a network.
C
Class of Service
A term to describe treating different types of traffic with different levels of service priority. Higher priority
traffic gets faster treatment during times of switch congestion.
CA
A Certificate Authority is a trusted third-party organization or company that issues digital certificates used
to create digital signatures and public-private key pairs.
Cat 5
Category 5 unshielded twisted pair (UTP) cabling. An Ethernet network operating at 10 Mbits/second
(10BASE-T) will often tolerate low quality cables, but at 100 Mbits/second (100BASE-Tx) the cable must be
rated as Category 5, or Cat 5 or Cat V, by the Electronic Industry Association (EIA). This rating will be
printed on the cable jacket. Cat 5 cable contains eight conductors, arranged in four twisted pairs, and
terminated with an RJ45 type connector. In addition, there are restrictions on maximum cable length for both
10 and 100 Mbits/second networks.
Certificate Authority
A Certificate Authority is a trusted third-party organization or company that issues digital certificates used
to create digital signatures and public-private key pairs. The role of the CA in this process is to guarantee
that the individual granted the unique certificate is, in fact, who he or she claims to be. Usually, this means
that the CA has an arrangement with a financial institution, such as a credit card company, which provides it
with information to confirm an individual's claimed identity. CAs are a critical component in data security
and electronic commerce because they guarantee that the two parties exchanging information are really who
they claim to be.
D
DHCP
An Ethernet protocol specifying how a centralized DHCP server can assign network configuration
information to multiple DHCP clients. The assigned information includes IP addresses, DNS addresses, and
gateway (router) addresses.
DMZ
Specifying a Default DMZ Server allows you to set up a computer or server that is available to anyone on
the Internet for services that you haven't defined. There are security issues with doing this, so only do this if
you're willing to risk open access.
DNS
Short for Domain Name System (or Service), an Internet service that translates domain names into IP
addresses. Because domain names are alphabetic, they're easier to remember. The Internet, however, is really
based on IP addresses. Every time you use a domain name, therefore, a DNS service must translate the name
into the corresponding IP address. For example, the domain name www.example.com might translate to
198.105.232.4. The DNS system is, in fact, its own network. If one DNS server doesn't know how to
translate a particular domain name, it asks another one, and so on, until the correct IP address is returned.
Domain Name
A descriptive name for an address or group of addresses on the Internet. Domain names are of the form of a
registered entity name plus one of a number of predefined top level suffixes such as .com, .edu, .uk, etc. For
example, in the address mail.NETGEAR.com, mail is a server name and NETGEAR.com is the domain.
DSL
Short for digital subscriber line, but is commonly used in reference to the asymmetric version of this
technology (ADSL) that allows data to be sent over existing copper telephone lines at data rates from 1.5
to 9 Mbps when receiving data (known as the downstream rate) and from 16 to 640 Kbps when sending data
(known as the upstream rate).
ADSL requires a special ADSL modem. ADSL is growing in popularity as more areas around the world
gain access.
DSLAM
DSL Access Multiplexor. The piece of equipment at the telephone company central office that provides the
ADSL signal.
Dynamic Host Configuration Protocol
DHCP. An Ethernet protocol specifying how a centralized DHCP server can assign network configuration
information to multiple DHCP clients. The assigned information includes IP addresses, DNS addresses, and
gateway (router) addresses.
E
EAP
Extensible Authentication Protocol is a general protocol for authentication that supports multiple
authentication methods. EAP, an extension to PPP, supports such authentication methods as token cards,
Kerberos, one-time passwords, certificates, public key authentication and smart cards. EAP is defined by
RFC 2284.
Ethernet
A LAN specification developed jointly by Xerox, Intel and Digital Equipment Corporation. Ethernet
networks transmit packets at a rate of 10 Mbps.
G
Gateway
A local device, usually a router, that connects hosts on a local network to other networks.
I
ICMP
See “Internet Control Message Protocol”
IEEE
Institute of Electrical and Electronics Engineers. This American organization was founded in 1963 and sets
standards for computers and communications.
IETF
Internet Engineering Task Force. An organization responsible for providing engineering solutions for
TCP/IP networks. In the network management area, this group is responsible for the development of the SNMP
protocol.
IKE
Internet Key Exchange. An automated method for exchanging and managing encryption keys between two
VPN devices.
Internet Control Message Protocol
ICMP is an extension to the Internet Protocol (IP) that supports packets containing error, control, and
informational messages. The PING command, for example, uses ICMP to test an Internet connection.
Internet Protocol
The method or protocol by which data is sent from one computer to another on the Internet. Each computer
(known as a host) on the Internet has at least one IP address that uniquely identifies it among all other
computers on the Internet. When you send or receive data (for example, an e-mail note or a Web page), the
message gets divided into little chunks called packets. Each of these packets contains both the sender's
Internet address and the receiver's address. Any packet is sent first to a gateway computer that understands a
small part of the Internet. The gateway computer reads the destination address and forwards the packet to an
adjacent gateway that in turn reads the destination address and so forth across the Internet until one gateway
recognizes the packet as belonging to a computer within its immediate neighborhood or domain. That
