Terminology

The following list contains acronyms and terminology used throughout this guide:
CLI
command line interface, a tool for configuring ScreenOS through a
console, Telnet, or secure shell (SSH) connection
DMZ
demilitarized zone, a predefined security zone for resources such as
Web servers to which you allow access from unknown hosts
function zone
a conceptual location for interfaces providing specific functionality,
such as device management access or high availability (HA) links
Global zone
a security zone without an interface that acts as a virtual storage
space for mapped IP (MIP) and virtual IP (VIP) addresses
hot swappable
able to be recognized by a system when connected and disconnected
without having to turn off and on the system
IDP
Intrusion Detection and Prevention, a technology for performing
deep packet inspection and taking preventive action
IKE
Internet Key Exchange, a protocol for securely yet publicly
negotiating keys to authenticate and encrypt/decrypt traffic
IPSec
Internet Protocol Security, a suite of related protocols for
cryptographically securing communications at the IP packet layer
license key
a key (in the form of an alphanumeric string) that unlocks features or
capacities within ScreenOS
MGT zone
a function zone from which administrators can connect to the ISG
2000 exclusively for management purposes
mini-GBIC
a gigabit interface converter that fits in a removable transceiver
NAT mode
an operational mode for Layer 3 interfaces that translates the source
IP address of packets
NetScreen-Security Manager
a management application that configures and monitors multiple
devices over a local or wide area network (LAN or WAN) environment
Null zone
a virtual storage space for interfaces not bound to a zone
policy
a rule that permits, denies, rejects, or tunnels specified types of
traffic unidirectionally between two points
route-based VPN tunnel
a VPN tunnel bound to a tunnel interface to which a route points
Route mode
an operational mode for Layer 3 interfaces that routes IP packets
through the ISG 2000 without modifying the packet header content
security zone
a collection of one or more network segments requiring the
regulation of interzone and intrazone traffic through policies
ScreenOS
the operating system of the ISG 2000
Transparent mode
an operational mode for Layer 2 interfaces that forwards traffic like a
switch or bridge
Trust zone
a predefined security zone for protected network resources to which
you typically do not allow access from unknown hosts
tunnel interface
a logical interface that you bind to a route-based VPN tunnel
Untrust zone
a predefined security zone for unknown network hosts typically in a
WAN such as the Internet
WebUI
Web user interface, a graphical user interface for configuring
ScreenOS through a Web browser