The Authentication Header is one of the security protocols used with IPSec. AH provides authentication and integrity, for the entire packet (both the IP header and the data carried in the packet). AH signs the entire packet. It does not encrypt the data. The data is readable, but protected from modification. Packet integrity is assured by digital signatures applied to each packet.
Border Gateway Protocol (BGP)
A routing protocol designed for use between autonomous systems. BGP is especially useful for detecting routing loops.
DHCP
The Dynamic Host Configuration Protocol is a series of network protocols and services that allow for automatic assignment of IP addressing information to TCP/IP network clients configured as DHCP Client computers.
Diffie-Hellman group
Diffie-Hellman groups are used to determine the length of the base prime numbers used during the key exchange. The longer the prime number used, the more difficult it is to break the encryption code.
DMZ
A DMZ or Demilitarized Zone, is a typically a network segment that is located inside of the firewall, but outside your internal network. The subnet represented as the DMZ can either be placed between the firewall and the gateway to your internal network, or you can use a Multihomed server that allows you to set different security policies to each network interface.
DNS
An hierarchical name service for TCP/IP hosts. DNS allows users to connect to network resources via friendly host names, rather than having to remember IP addresses for network servers.
Encapsulating Security Payload (ESP)
ESP provides confidentiality, in addition to authentication and integrity. ESP is one of the security protocols used in IPSec.
Interior Gateway Routing Protocol (IGRP)
IGRP is a distance vector routing protocol developed by Cisco Systems, Inc.
Internet Security Association and Key Management Protocol (ISAKMP)
Internet Security Association and Key Management Protocol (ISAKMP) defines a common framework to support the establishment of security associations which are used by IPSec. When combined with the Oakley protocol, it is referred to as the Internet Key Exchange (IKE).
MAC
Message Authentication Code, or Media Access Control. A Message Authentication Code is the result of hashing, and often referred to as a Hash Message Authentication Code or HMAC. This is the digital signature applied to signed packets. A Media Access Control address is a hardware address applied to a network interface.
MADCAP
A protocol that automates distribution of multicast address configurations for network clients.
NAT
NAT enables private IP addresses to be translated into public IP addresses for traffic to and from the Internet.
NetBIOS
A session layer interface used to allow NetBIOS applications to work properly on TCP/IP based networks.
Network Address Translation
See NAT.
Oakley key generation protocol
A Key Generation Protocol used to create secure keys for the establishment of a Security Association.
Open Shortest Path First (OSPF)
A Link State Routing Protocol.
Open Systems Interconnection (OSI)
A framework designed by the International Standards Organization for which new network protocols to based themselves.
Packet assembler-disassembler (PAD)
A network device used on X.25 internetworks.
RRAS
The Routing and Remote Access Service. A collection of network services relating to routing and remote access that are brought together into a single Microsoft Management Console.
Server authorization list
missing term
SOCKS
The Sockets session layer interface. Microsoft Proxy Server 2.0 provides a SOCKS proxy for non-Microsoft clients to access
Internet resources via the Proxy Server.
Transport mode
IPSec communications in Transport mode support end-to-end protection of data.
Tunnel mode
IPSec communications in Tunnel Mode support end-to-end protection of data only between the tunnel endpoints. This endpoints are
typically VPN Servers.
VPNs
Virtual Private Networks. Virtual network connections established over public networks that allow for authentication and
encryption of data. VPNs use tunneling technology and private network communications take place inside the encrypted tunnel over the public network.
WINS
Windows Internet Name Service. The name of the Microsoft NetBIOS Name Service. A WINS Server resolve NetBIOS names to IP addresses.
WinSock
The Windows Sockets Session Layer interface. Applications written for the WinSock interface use DNS hosts names for resource name resolution.
