Reference Manual for the ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports
Virtual Private Networking
202-10085-01, March 2005
Glossary
List of Glossary Terms
Use the list below to find definitions for technical terms used in this manual.
Numeric
10BASE-T
IEEE 802.3 specification for 10 Mbps Ethernet over twisted pair wiring.
100BASE-Tx
IEEE 802.3 specification for 100 Mbps Ethernet over twisted pair wiring.
802.1x
802.1x defines port-based, network access control used to provide authenticated network access and
automated data encryption key management. The IEEE 802.1x draft standard offers an effective framework
for authenticating and controlling user traffic to a protected network, as well as dynamically varying
encryption keys. 802.1x uses a protocol called EAP (Extensible Authentication Protocol) and supports
multiple authentication methods, such as token cards, Kerberos, one-time passwords, certificates, and public
key authentication. For details on EAP specifically, refer to IETF's RFC 2284.
802.11a
IEEE specification for wireless networking at 54 Mbps operating in unlicensed radio bands over 5GHz.
802.11b
IEEE specification for wireless networking at 11 Mbps using direct-sequence spread-spectrum (DSSS)
technology and operating in the unlicensed radio spectrum at 2.4-2.5GHz.
802.11g
A soon to be ratified IEEE specification for wireless networking at 54 Mbps using direct-sequence
spread-spectrum (DSSS) technology and operating in the unlicensed radio spectrum at 2.4GHz. 802.11g is
backwards compatible with 802.11b.
A
Access Control List (ACL)
An ACL is a database that an Operating System uses to track each user’s access rights to system objects
(such as file directories and/or files).
Ad-hoc Mode
An 802.11 networking framework in which devices or stations communicate directly with each other,
without the use of an access point (AP). Ad-hoc mode is also referred to as peer-to-peer mode or an
Independent Basic Service Set (IBSS). Ad-hoc mode is useful for establishing a network where wireless
infrastructure does not exist or where services are not required.
ADSL
Short for asymmetric digital subscriber line, a technology that allows data to be sent over existing copper
telephone lines at data rates from 1.5 to 9 Mbps when receiving data (known as the downstream rate) and
from 16 to 640 Kbps when sending data (known as the upstream rate). ADSL requires a special ADSL
modem. ADSL is growing in popularity as more areas around the world gain access.
ARP
Address Resolution Protocol, a TCP/IP protocol used to convert an IP address into a physical address (called
a DLC address), such as an Ethernet address. A host wishing to obtain a physical address broadcasts an ARP
request onto the TCP/IP network. The host on the network that has the IP address in the request then replies
with its physical hardware address. There is also Reverse ARP (RARP) which can be used by a host to
discover its IP address. In this case, the host broadcasts its physical address and a RARP server replies with
the host's IP address.
Auto Uplink
Auto Uplink™ technology (also called MDI/MDIX) eliminates the need to worry about crossover vs.
straight-through Ethernet cables. Auto Uplink™ will accommodate either type of cable to make the right
connection.
B
Bandwidth
The information capacity, measured in bits per second, that a channel could transmit. Bandwidth examples
include 10 Mbps for Ethernet, 100 Mbps for Fast Ethernet, and 1000 Mbps (1 Gbps) for Gigabit Ethernet.
Baud
The signaling rate of a line, that is, the number of transitions (voltage or frequency changes) made per
second. Also known as line speed.
Broadcast
A packet sent to all devices on a network.
C
Class of Service
A term to describe treating different types of traffic with different levels of service priority. Higher priority
traffic gets faster treatment during times of switch congestion.
CA
A Certificate Authority is a trusted third-party organization or company that issues digital certificates used
to create digital signatures and public-private key pairs.
Cat 5
Category 5 unshielded twisted pair (UTP) cabling. An Ethernet network operating at 10 Mbits/second
(10BASE-T) will often tolerate low quality cables, but at 100 Mbits/second (100BASE-Tx) the cable must be
rated as Category 5, or Cat 5 or Cat V, by the Electronic Industry Association (EIA). This rating will be
printed on the cable jacket. Cat 5 cable contains eight conductors, arranged in four twisted pairs, and
terminated with an RJ45 type connector. In addition, there are restrictions on maximum cable length for both
10 and 100 Mbits/second networks.
Certificate Authority
A Certificate Authority is a trusted third-party organization or company that issues digital certificates used
to create digital signatures and public-private key pairs. The role of the CA in this process is to guarantee
that the individual granted the unique certificate is, in fact, who he or she claims to be. Usually, this means
that the CA has an arrangement with a financial institution, such as a credit card company, which provides it
with information to confirm an individual's claimed identity. CAs are a critical component in data security
and electronic commerce because they guarantee that the two parties exchanging information are really who
they claim to be.
D
DHCP
An Ethernet protocol specifying how a centralized DHCP server can assign network configuration
information to multiple DHCP clients. The assigned information includes IP addresses, DNS addresses, and
gateway (router) addresses.
DNS
Short for Domain Name System (or Service), an Internet service that translates domain names into IP
addresses. Because domain names are alphabetic, they're easier to remember. The Internet, however, is really
based on IP addresses. Every time you use a domain name, therefore, a DNS service must translate the name
into the corresponding IP address. For example, the domain name www.example.com might translate to
198.105.232.4. The DNS system is, in fact, its own network. If one DNS server doesn't know how to
translate a particular domain name, it asks another one, and so on, until the correct IP address is returned.
Domain Name
A descriptive name for an address or group of addresses on the Internet. Domain names are of the form of a
registered entity name plus one of a number of predefined top level suffixes such as .com, .edu, .uk, etc. For
example, in the address mail.NETGEAR.com, mail is a server name and NETGEAR.com is the domain.
DSL
Short for digital subscriber line, but commonly used in reference to the asymmetric version of this
technology (ADSL), which allows data to be sent over existing copper telephone lines at data rates from 1.5
to 9 Mbps when receiving data (known as the downstream rate) and from 16 to 640 Kbps when sending data
(known as the upstream rate). ADSL requires a special ADSL modem. ADSL is growing in popularity as
more areas around the world gain access.
DSLAM
DSL Access Multiplexor. The piece of equipment at the telephone company central office that provides the
ADSL signal.
Dynamic Host Configuration Protocol
DHCP. An Ethernet protocol specifying how a centralized DHCP server can assign network configuration
information to multiple DHCP clients. The assigned information includes IP addresses, DNS addresses, and
gateway (router) addresses.
E
EAP
Extensible Authentication Protocol is a general protocol for authentication that supports multiple
authentication methods. EAP, an extension to PPP, supports such authentication methods as token cards,
Kerberos, one-time passwords, certificates, public key authentication and smart cards. In wireless
communications using EAP, a user requests connection to a WLAN through an AP, which then requests the
identity of the user and transmits that identity to an authentication server such as RADIUS. The server asks
the AP for proof of identity, which the AP gets from the user and then sends back to the server to complete
the authentication. EAP is defined by RFC 2284.
ESSID
The Extended Service Set Identification (ESSID) is a thirty-two character (maximum) alphanumeric key
identifying the wireless local area network.
