Cisco ASA 5505 Configuration Manual page 1786

Glossary
The adaptive security appliance feature that gathers and reports a wide variety of feature statistics,
Perfmon
such as connections/second, xlates/second, and so on.
Perfect Forwarding Secrecy. PFS enhances security by using a different security key for the
PFS
Phase 1 and Phase 2 SAs. Without PFS, the same security key is used to establish SAs in both phases.
PFS ensures that a given
In other words, if someone were to break a key, PFS ensures that the attacker would not be able to
derive any other key. If PFS were not enabled, someone could hypothetically break the
key, copy all the
the IPsec SA
access to IPsec. The attacker would have to break each
See
Phase 1
See
Phase 2
Protocol Independent Multicast. PIM provides a scalable method for determining the best paths for
PIM
distributing a specific multicast transmission to a group of hosts. Each host has registered using IGMP
to receive the transmission. See also PIM-SM.
Protocol Independent Multicast-Sparse Mode. With PIM-SM, which is the default for Cisco routers,
PIM-SM
when the source of a multicast transmission begins broadcasting, the traffic is forwarded from one MC
router to the next, until the packets reach every registered host. See also PIM.
An ICMP
ping
Private Internet eXchange. The Cisco PIX 500 series adaptive security appliances ranged from
PIX
compact, plug-and-play desktop models for small/home offices to carrier-class gigabit models for the
most demanding enterprise and service provider environments. Cisco PIX adaptive security
appliances provided robust, enterprise-class integrated network security services to create a strong
multilayered defense for fast changing network environments. The PIX has been replaced by the Cisco
ASA 5500 series.
A standard for the transfer of PKI-related data, such as private keys, certificates, and other data.
PKCS12
Devices supporting this standard let administrators maintain a single set of personal identity
information.
PPTP
PNS
platforms. The PNS handles the server side of PPTP. Because
is independent of the interface hardware, the PNS may use any combination of IP interface hardware
including
Lets you identify local traffic for address translation by specifying the source and destination
Policy NAT
addresses (or ports) in an access list.
Post Office Protocol. Protocol that client e-mail applications use to retrieve mail from a mail server.
POP
See
Pool
A field in the packet headers of
Port
is the source or destination of the packet.
Point-to-Point Protocol. Developed for dial-up
PPP
Cisco ASA 5500 Series Configuration Guide using ASDM
GL-14
IPsec SA
IPsec protected data, and then use knowledge of the
setup by this IKE
IPsec Phase 1.
IPsec Phase 2.
request sent by a host to determine if a second host is accessible.
Network Server. A PNS is envisioned to operate on general-purpose computing/server
LAN and WAN devices.
IP pool.
key was not derived from any other secret (like some other keys).
SA. With PFS, breaking IKE
IPsec SA
TCP and UDP protocols that identifies the higher level service which
ISP access using analog phone lines and modems.
IKE SA
IKE SA secret to compromise
would not give an attacker immediate
individually.
PPTP relies completely on TCP/IP and
IPsec
secret
OL-20339-01