Glossary
GL-18
Cisco ASA Series CLI Configuration Guide
 
security context
You can partition a single ASA into multiple virtual firewalls, known as security contexts. Each 
context is an independent firewall, with its own security policy, interfaces, and administrators. 
Multiple contexts are similar to having multiple stand-alone firewalls.
security services
See cryptography.
serial transmission
A method of data transmission in which the bits of a data character are transmitted sequentially over 
a single channel.
SGCP
Simple Gateway Control Protocol. Controls Vo I P  gateways by an external call control element (called 
a call-agent).
SGSN
Serving GPRS Support Node. The SGSN ensures mobility management, session management, and 
packet relaying functions.
SHA-1
Secure Hash Algorithm 1. SHA-1 [NIS94c] is a revision to SHA that was published in 1994. SHA is 
closely modeled after MD4 and produces a 160-bit digest. Because SHA produces a 160-bit digest, it 
is more resistant to brute-force attacks than 128-bit hashes (such as MD5), but it is slower. Secure 
Hash Algorithm 1 is a joint creation of the National Institute of Standards and Technology and the 
National Security Agency. This algorithm, like other hash algorithms, is used to generate a hash value, 
also known as a message digest, that acts like a CRC used in lower-layer protocols to ensure that 
message contents are not changed during transmission. SHA-1 is generally considered more secure 
than MD5.
SIP
Session Initiation Protocol. Enables call handling sessions, particularly two-party audio conferences, 
or calls. SIP works with SDP for call signaling. SDP specifies the ports for the media stream. Using 
SIP, the ASA can support any SIP Vo I P  gateways and Vo I P  proxy servers.
site-to-site VPN
A site-to-site VPN is established between two IPsec peers that connect remote networks into a single 
VPN. In this type of VPN, neither IPsec peer is the destination nor source of user traffic. Instead, each 
IPsec peer provides encryption and authentication services for hosts on the LANs connected to each 
IPsec peer. The hosts on each LAN send and receive data through the secure tunnel established by the 
pair of IPsec peers.
SKEME
A key exchange protocol that defines how to derive authenticated keying material, with rapid key 
refreshment.
SMR
Stub Multicast Routing. SMR allows the ASA to function as a stub router. A stub router is a device 
that acts as an IGMP proxy agent. IGMP is used to dynamically register specific hosts in a multicast 
group on a particular LAN with a multicast router. Multicast routers route multicast data transmissions 
to hosts that are registered to receive specific multimedia or other broadcasts. A stub router forwards 
IGMP messages between hosts and MC routers.
SMTP
Simple Mail Transfer Protocol. SMTP is an Internet protocol that supports email services.
SNMP
Simple Network Management Protocol. A standard method for managing network devices using data 
structures called Management Information Bases.
split tunneling
Allows a remote VPN client simultaneous encrypted access to a private network and clear unencrypted 
access to the Internet. If you do not enable split tunneling, all traffic between the VPN client and the 
ASA is sent through an IPsec tunnel. All traffic originating from the VPN client is sent to the outside 
interface through a tunnel, and client access to the Internet from its remote site is denied.