Glossary
GL-14
Cisco Security Appliance Command Line Configuration Guide
OL-10088-01
Perfmon
The security appliance feature that gathers and reports a wide variety of feature statistics, such as
connections/second, xlates/second, etc.
PFS
Perfect Forwarding Secrecy. PFS enhances security by using different security key for the IPSec Phase
1 and Phase 2 SAs. Without PFS, the same security key is used to establish SAs in both phases. PFS
ensures that a given IPSec SA key was not derived from any other secret (like some other keys). In
other words, if someone were to break a key, PFS ensures that the attacker would not be able to derive
any other key. If PFS were not enabled, someone could hypothetically break the IKE SA secret key,
copy all the IPSec protected data, and then use knowledge of the IKE SA secret to compromise the
IPSec SA setup by this IKE SA. With PFS, breaking IKE would not give an attacker immediate access
to IPSec. The attacker would have to break each IPSec SA individually.
Phase 1
See IPSec Phase 1.
Phase 2
See IPSec Phase 2.
PIM
Protocol Independent Multicast. PIM provides a scalable method for determining the best paths for
distributing a specific multicast transmission to a group of hosts. Each host has registered using IGMP
to receive the transmission. See also PIM-SM.
PIM-SM
Protocol Independent Multicast-Sparse Mode. With PIM-SM, which is the default for Cisco routers,
when the source of a multicast transmission begins broadcasting, the traffic is forwarded from one MC
router to the next, until the packets reach every registered host. See also PIM.
Ping
An ICMP request sent by a host to determine if a second host is accessible.
PIX
Private Internet eXchange. The Cisco PIX 500-series security appliances range from compact,
plug-and-play desktop models for small/home offices to carrier-class gigabit models for the most
demanding enterprise and service provider environments. Cisco PIX security appliances provide
robust, enterprise-class integrated network security services to create a strong multilayered defense
for fast changing network environments.
PKCS12
A standard for the transfer of PKI-related data, such as private keys, certificates, and other data.
Devices supporting this standard let administrators maintain a single set of personal identity
information.
PNS
PPTP Network Server. A PNS is envisioned to operate on general-purpose computing/server
platforms. The PNS handles the server side of PPTP. Because PPTP relies completely on TCP/IP and
is independent of the interface hardware, the PNS may use any combination of IP interface hardware
including LAN and WA N devices.
Policy NAT
Lets you identify local traffic for address translation by specifying the source and destination
addresses (or ports) in an access list.
POP
Post Office Protocol. Protocol that client e-mail applications use to retrieve mail from a mail server.
Pool
See IP pool.
Port
A field in the packet headers of TCP and UDP protocols that identifies the higher level service which
is the source or destination of the packet.
PPP
Point-to-Point Protocol. Developed for dial-up ISP access using analog phone lines and modems.
To Next Page
Loading...
