Utm Offload Glossary - Allied Telesis AR Series Technical Manual

Setting up and Configuring UTM Offload

UTM Offload Glossary


Forwarding device (AR4050S)
The device that intercepts packets, sends them to the offload device for processing and finally
forwards the packets when they return. It also manages the configuration of the offload device.

Offload Device
The headless device that provides UTM packet processing offload for the forwarding device. A
headless device is a device that does not have a user-facing User interface.

Offload Image
Full software release that runs on the offload device. The offload image is downloaded from the
Update Server by the forwarding device and used to network boot the offload device.

PXE Boot
Pre-boot Execution Environment (PXE) is the standard method used to boot off the shelf
hardware across a network without first needing to install software on that hardware. The
forwarding device functions as a PXE boot server to boot the offload device using the offload
image.

Service Function Chaining (SFC)
SFC is a standardized mechanism for how network service functions are applied to packets.
Packets are classified and matched by local policy to a configured Service Function Path (SFP).
Those packets are then forwarded by the Service Function Forwarder (SFF) to each Service
Function (SF) in the order specified in the path. SFC is used internally in UTM Offload as the
underlying mechanism for offloading packets to the remote UTM engine.

UTM
In the context of UTM Offload, consists of one or more of the following security features:





Bare-Metal Hypervisor
A hypervisor or virtual machine monitor (VMM) is computer software, firmware or hardware that
creates and runs virtual machines. A bare-metal hypervisor, also known as a Type 1 hypervisor,
is virtualization software that has been installed directly onto the computing hardware and does
not require the installation of an additional underlying operating system.
C613-22104-00 REV B
IDS/IPS. Detects packets/flows that may threaten the network and when run in inline mode,
prevents that threat.
IP Reputation. Categorizes public hosts based on their global reputation so that undesirable
traffic can be blocked.
URL Filtering. Blocks access to websites that are known to contain resources that could
potentially cause harm to endpoints.
Malware Protection. Scans traffic byte streams for signatures of common Malware and
prevents that Malware from entering the network.
Advanced Network Protection
|
UTM Offload Glossary Page 63