Cisco PIX 500 Series Configuration Manual page 1112
Security appliance command line
Hide thumbs
Also See for PIX 500 Series:
- Administration manual (653 pages) ,
- Quick start manual (72 pages) ,
- User manual (60 pages)
Table of Contents
Advertisement
Glossary
With the TCP intercept feature, once the optional embryonic connection limit is reached, and until the
TCP Intercept
embryonic connection count falls below this threshold, every SYN bound for the effected server is
intercepted. For each SYN, the security appliance responds on behalf of the server with an empty
SYN/ACK segment. The security appliance retains pertinent state information, drops the packet, and
waits for the client acknowledgment. If the ACK is received, then a copy of the client SYN segment
is sent to the server and the
and the server. If this three-way handshake completes, may the connection resume as normal. If the
client does not respond during any part of the connection phase, then the security appliance
retransmits the necessary segment using exponential back-offs.
Tag Distribution Protocol. TDP is used by tag switching devices to distribute, request, and release tag
TDP
binding information for multiple network layer protocols in a tag switching network. TDP does not
replace routing protocols. Instead, it uses information learned from routing protocols to create tag
bindings. TDP is also used to open, monitor, and close TDP sessions and to indicate errors that occur
during those sessions. TDP operates over a connection-oriented transport layer protocol with
guaranteed sequential delivery (such as TCP). The use of TDP does not preclude the use of other
mechanisms to distribute tag binding information, such as piggybacking information on other
protocols.
A terminal emulation protocol for TCP/IP networks such as the Internet. Telnet is a common way to
Telnet
control web servers remotely; however, its security vulnerabilities have led to its replacement by SSH.
Trivial File Transfer Protocol. TFTP is a simple protocol used to transfer files. It runs on UDP and is
TFTP
explained in depth in RFC 1350.
Tunnel Identifier.
TID
Transport Layer Security. A future IETF protocol to replace SSL.
TLS
The traffic policing feature ensures that no traffic exceeds the maximum rate (bits per second) that you
traffic policing
configure, thus ensuring that no one traffic flow can take over the entire resource.
See
transform set
See xlate.
translate,
translation
A mode in which the security appliance is not a router hop. You can use transparent firewall mode to
transparent firewall
simplify your network configuration or to make the security appliance invisible to attackers. You can
mode
also use transparent firewall mode to allow traffic through that would otherwise be blocked in
firewall
An
IPSec
transport mode
header untouched. Transport mode is less secure than tunnel mode.
TAPI Service Provider. See also TAPI.
TSP
An
tunnel mode
Tunnel mode is more secure than transport mode.
Cisco Security Appliance Command Line Configuration Guide
GL-20
TCP
IPSec transform
set.
mode. See also
routed firewall
encryption mode that encrypts only the data portion (payload) of each packet, but leaves the
IPSec
encryption mode that encrypts both the header and data portion (payload) of each packet.
three-way handshake is performed between the security appliance
mode.
routed
OL-12172-03
Advertisement
Table of Contents
Troubleshooting
