Cisco FirePOWER ASA 5500 series Configuration Manual page 961

Allows a remote
split tunneling
access to the Internet. If you do not enable split tunneling, all traffic between the
security appliance is sent through an
to the outside interface through a tunnel, and client access to the
A type of attack designed to foil network security mechanisms such as filters and access lists. A
spoofing
spoofing attack sends a packet that claims to be from an address from which it was not actually sent.
Structured Query Language Protocol. An Oracle protocol used to communicate between client and
SQL*Net
server processes.
Secure Shell. An application running on top of a reliable transport layer, such as TCP/IP, that provides
SSH
strong authentication and encryption capabilities.
Secure Sockets Layer. A protocol that resides between the application layer and TCP/IP to provide
SSL
transparent encryption of data traffic.
See
standby unit
Network protocols maintain certain data, called state information, at each end of a network connection
stateful inspection
between two hosts. State information is necessary to implement the features of a protocol, such as
guaranteed packet delivery, data sequencing, flow control, and transaction or session IDs. Some of the
protocol state information is sent in each packet while each protocol is being used. For example, a
browser connected to a web server uses
maintains state information in the packets it sends and receives. The security appliance and some other
firewalls inspect the state information in each packet to verify that it is current and valid for every
protocol it contains. This is called stateful inspection and is designed to create a powerful barrier to
certain types of computer security threats.
Static Port Address Translation. Static PAT is a static address that also maps a local port to a global
Static PAT
port. See also
See mask.
subnetmask
T
Terminal Access Controller Access Control System Plus. A client-server protocol that supports
TACACS+
services, including command authorization. See also AAA, RADIUS.
Telephony Application Programming Interface. A programming interface in Microsoft Windows that
TAPI
supports telephony functions.
Transmission Control Protocol. Connection-oriented transport layer protocol that provides reliable
TCP
full-duplex data transmission.
OL-10088-01
VPN client simultaneous encrypted access to a private network and clear unencrypted
secondary unit.
Dynamic PAT, NAT.
IPSec tunnel. All traffic originating from the
HTTP and supporting TCP/IP protocols. Each protocol layer
Cisco Security Appliance Command Line Configuration Guide
VPN client and the
VPN client is sent
Internet from its remote site is denied.
Glossary
AAA
GL-19