Cisco ASA 5505 Configuration Manual page 1792

Glossary
With the TCP intercept feature, once the optional embryonic connection limit is reached, and until the
TCP Intercept
embryonic connection count falls below this threshold, every SYN bound for the affected server is
intercepted. For each SYN, the adaptive security appliance responds on behalf of the server with an
empty SYN/ACK segment. The adaptive security appliance retains pertinent state information, drops
the packet, and waits for the client acknowledgment. If the ACK is received, a copy of the client SYN
segment is sent to the server and the
security appliance and the server. If this three-way handshake completes, the connection may resume
as normal. If the client does not respond during any part of the connection phase, then the adaptive
security appliance retransmits the necessary segment using exponential back-offs.
Tag Distribution Protocol. TDP is used by tag switching devices to distribute, request, and release tag
TDP
binding information for multiple network layer protocols in a tag switching network. TDP does not
replace routing protocols. Instead, it uses information learned from routing protocols to create tag
bindings. TDP is also used to open, monitor, and close TDP sessions and to indicate errors that occur
during those sessions. TDP operates over a connection-oriented transport layer protocol with
guaranteed sequential delivery (such as TCP). The use of TDP does not preclude the use of other
mechanisms to distribute tag binding information, such as piggybacking information on other
protocols.
A terminal emulation protocol for TCP/IP networks such as the Internet. Telnet is a common way to
Telnet
control web servers remotely; however, its security vulnerabilities have led to its replacement by SSH.
Trivial File Transfer Protocol. TFTP is a simple protocol used to transfer files. It runs on UDP and is
TFTP
explained in depth in RFC 1350.
Tunnel Identifier.
TID
Transport Layer Security. A future IETF protocol to replace SSL.
TLS
The traffic policing feature ensures that no traffic exceeds the maximum rate (bits per second) that you
traffic policing
configure, which ensures that no one traffic flow can take over the entire resource.
See
transform set
See xlate.
translate,
translation
A mode in which the adaptive security appliance is not a router hop. You can use transparent firewall
transparent firewall
mode to simplify your network configuration or to make the adaptive security appliance invisible to
mode
attackers. You can also use transparent firewall mode to allow traffic through that would otherwise be
blocked in
An IPsec
transport mode
header untouched. Transport mode is less secure than tunnel mode.
TAPI Service Provider. See also TAPI.
TSP
An IPsec
tunnel mode
Tunnel mode is more secure than transport mode.
Cisco ASA 5500 Series Configuration Guide using ASDM
GL-20
IPsec transform set.
routed firewall mode. See also
encryption mode that encrypts only the data portion (payload) of each packet but leaves the
encryption mode that encrypts both the header and data portion (payload) of each packet.
TCP three-way handshake is performed between the adaptive
routed firewall mode.
OL-20339-01