Fortinet FortiGate FortiGate-5001 Administration Manual page 379

IP address: The point of attachment to a TCP/IP
network. An IP address is a 32-bit quantity written in
dotted decimal notation (four numbers separated by
periods). See also netmask.
IPSec, Internet Protocol Security: A set of protocols
that support secure exchange of packets at the IP
layer. IPSec is most often used to support VPNs. See
VPN.
ISP, Internet Service Provider: A company that
provides customers with access to the Internet.
KB, kilobyte: A unit of storage (1 024 bytes).
L2TP, Layer 2 Tunneling Protocol: A security protocol
that enables ISPs to establish VPN tunnels on behalf of
dialup clients.
LAN, Local Area Network: A computer network that
spans a relatively small area.
Layer 2: The data-link layer of the OSI model. Layer 2
is responsible for transmission, framing, and error
control over a single link.
Layer 3: The network layer of the OSI model. Layer 3
is responsible for examining each network packet and
sending them to the proper destination over the
Internet.
link failover: If a link failure causes an interface on the
primary cluster unit to stop processing network traffic, a
cluster unit that has not experienced the same link
failure becomes the new primary cluster unit. All
functions, all established firewall connections, and all
IPSec VPN sessions fail over to the new primary
cluster unit.
load balancing: Also known as active-active HA. All
units in the cluster process network traffic. The FGCP
employs a technique called unicast load balancing.
The primary cluster unit is associated with the cluster
HA virtual MAC address and cluster IP address. The
primary unit is the only cluster unit to receive packets
sent to the cluster. The primary unit can process
packets itself, or propagate them to subordinate cluster
units according to a load balancing schedule.
local: The near end point (an IP address or port
number) of a connection.
MAC address, Media Access Control address: A
layer-2 hardware address that uniquely identifies a
network node.
FortiGate-5000 series Administration Guide
main mode: A way to hide the identities of VPN peers
from passive eavesdroppers during IPSec phase 1
negotiations. See also aggressive mode.
MB, Megabyte: A unit of storage (1 048 576 bytes).
MIB, Management Information Base: A database of
objects that can be monitored by an SNMP network
manager.
modem: A device that converts digital signals into
analog signals and back again for transmission over
telephone lines.
monitored interface: An interface that is configured
with a monitor priority. The cluster monitors the
connectivity of this interface for all cluster units. If a
monitored interface fails or becomes disconnected
from its network, the cluster will compensate.
MTU, Maximum Transmission Unit: The largest
physical packet size, measured in bytes, that a network
can transmit. Any packets larger than the MTU are
divided into smaller packets before they are sent.
NAT, Network Address Translation: A way of routing
IPv4 packets transparently. Using NAT, a router or
FortiGate unit between a private and public network
translates private IP addresses to public addresses
and the other way around.
netmask, network mask: Also sometimes called
subnet mask. A 32-bit quantity that indicates which bits
of an IP address refer to the network portion.
NTP, Network Time Protocol: Used to synchronize
the time of a computer to an NTP server. NTP provides
accuracies to within tens of milliseconds across the
Internet relative to coordinated universal time.
OSI, Open Systems Interconnection: A standard that
defines network communication protocols using a
seven-layer model.
packet: A piece of data transmitted over a packet-
switched network. A packet contains a payload, the
source and destination addresses, and a checksum. In
IP networks, packets are often called datagrams.
Packets are passed between the OSI data-link and
network layers.
PAP, Password Authentication Protocol: An
authentication protocol supported by PPP. See also
PPP.
01-28008-0013-20050204
Glossary
379