VPN/DSL Security Option Glossary
24-10618-155 Rev. A A-3
This document contains confidential and proprietary information of Johnson Controls, Inc.
© 2012 Johnson Controls, Inc.
IP Security (IPSec) – Security standard produced by the Internet Engineering Task Force
(IETF). It is a protocol suite that provides everything you need for secure communications—
authentication, integrity, and confidentiality— and makes key exchange practical even in
larger networks. See also DES-CBC, and ESP/AH.
ISAKMP – The Internet Security Association and Key Management Protocol (ISAKMP)
provides a framework for Internet key management and provides the specific protocol
support for negotiation of security attributes. By itself, it does not establish session keys,
however it can be used with various session key establishment protocols to provide a
complete solution to Internet key management.
Kerberos V5 – An Internet standard security protocol for handling authentication of user or
system identity. With Kerberos V5, passwords that are sent across network lines are
encrypted, not sent as plaintext. Kerberos V5 also includes other security features.
Key Management – The only reasonable way to protect the integrity and privacy of information
is to rely upon the use of secret information in the form of private keys for signing and/or
encryption. The management and handling of these pieces of secret information is generally
referred to as “key management.” This includes the activities of selection, exchange, storage,
certification, expiration, revocation, changing, and transmission of keys. Most of the work in
managing information security systems lies in the key management.
MD5 – Message Digest (version) 5, an algorithm that produces a 128-bit message digest (or
hash) from a message of arbitrary length. The resulting hash is used, like a “fingerprint” of
the input, to verify authenticity.
Netmask – A netmask indicates which part of an IP address indicates network identification
and which part indicates the host identification. For example, the IP address and netmask
10.20.30.1 255.255.255.0 (or 10.20.30.1/24) refers to all the hosts in the 10.20.30.0 subnet.
The IP address and netmask 10.20.30.1 255.255.255.255 (or 10.20.30.1/32) refers to a single
host.
Network Address Translation (NAT) – A standard for translating secure IP addresses to
temporary, external, registered IP address from the address pool. This allows Trusted
networks with privately assigned IP addresses to have access to the Internet. This also means
that you don’t have to get a registered IP address for every machine in your network. packet
A unit of information transmitted as a whole from one device to another on a network. In
packet-switching networks, a packet is defined more specifically as a transmission unit of
fixed maximum size that consists of binary digits representing data; a header containing an
identification number, source, and destination addresses; and sometimes error-control data.
Packet Internet Groper (ping) – A simple utility that tests if a network connection is complete,
from the server to the workstation, by sending a message to the remote computer. If the
remote computer receives the message, it responds with a reply message. The reply consists
of the remote workstation's IP address, the number of bytes in the message, how long it took
to reply—given in milliseconds (ms)—and the length of Time to Live (TTL) in seconds.
Ping works at the IP level and will often respond even when higher-level TCP-based services
cannot.
To Next Page
Loading...
