Juniper NETWORK AND SECURITY MANAGER 2010.2 - ADMINISTRATION GUIDE REV1 Administration Manual page 876

Network and Security Manager Administration Guide
Security Device
Security Parameters
Index
Security Policies
Security Zone
Server Manager
Service Object
Session Description
Protocol (SDP)
Session Initiation
Protocol (SIP)
SGSN
SHA-1
Shared Objects
Short Frame
826
A security device enables access to your network components and protects your network
against malicious traffic. NSM can manage security devices running ScreenOS 5.x and ScreenOS
6.0.x. All devices from NetScreen-5XT to the NetScreen-5400 are supported, except the
NetScreen-5, NetScreen-10, and NetScreen-1000. NSM also supports the NetScreen-5GT
running ScreenOS 4.0-DIAL2. NSM can also manage vsys configurations, NSRP clusters, and
extranet devices.
The SPI is a hexadecimal value which uniquely identifies each tunnel. It also tells the security
device which key to use to decrypt packets.
A security policy defines access to your network, including permitted services, users, and time
periods. Use security policies to control the shape of your network traffic as it passes through
the firewall, or log specific network events.
A security zone is a collection of one or more network segments requiring the regulation of
inbound and outbound traffic via access policies.
The Server Manager is a module of the NSM User Interface. Server Manager contains server
objects that represent your management system components. Use Server Manager to manage
and monitor the individual server processes that comprise your NSM system.
Service objects represent the IP traffic types for existing protocol standards. Security devices
monitor and manage network traffic using these protocols. NSM includes predefined service
objects for most standard services. You can also create custom service objects to represent
services that are not included in the list of predefined service objects, or to represent a custom
service running on your network.
SDP session descriptions appear in many SIP messages and provide information that a system
can use to join a multimedia session. SDP might include information such as IP addresses,
port numbers, times, dates, and information about the media stream.
SIP is an IETF (Internet Engineering Task Force)-standard protocol for initiating, modifying,
and terminating multimedia sessions over the Internet. Such sessions might include
conferencing, telephony, or multimedia, with features such as instant messaging and
application-level mobility in network environments.
Serving GPRS Support Node.
Secure Hash Algorithm-1, an algorithm that produces a 160-bit hash from a message of arbitrary
length. (It is generally regarded as more secure than MD5 because of the larger hashes it
produces.)
A shared object is an object that can be shared across domains.
A short frame contains less than 64 bytes of data.
Copyright © 2010, Juniper Networks, Inc.