Juniper NETWORK AND SECURITY MANAGER 2010.3 - ADMINISTRATION GUIDE REV1 Administration Manual page 885

K
Keepalive
Key Management
L
Land Attack
Launch Pad
Link State
Link state
Advertisement
Load Balancing
Local Preference
Lockout
Log
Log Category
Copyright © 2010, Juniper Networks, Inc.
The amount of time in seconds that elapses between keepalive packets which ensures that
the TCP connection between the local BGP router and a neighbor router is up. This value is
equal to one-third of the hold time. The default is 60 seconds.
The only reasonable way to protect the integrity and privacy of information is to rely upon the
use of secret information in the form of private keys for signing and/or encryption. The
management and handling of these pieces of secret information is generally referred to as "
key management." This includes the activities of selection, exchange, storage, certification,
expiration, revocation, changing, and transmission of keys. Most of the work in managing
information security systems lies in the key management.
During a Land Attack, attackers may send spoofed SYN packets that contain the IP address
of the target as both the destination and source IP address to create an empty connection.
These connections flood the target system, overwhelming it and causing a denial-of-service.
You can configure security devices to block Land Attack and record Land Attack attempts.
An otherwise blank user interface pane that provides access to commonly used functionality
within the associated NSM module.
Link state routing protocols operate using an algorithm commonly called the Shortest Path
First (SPF) algorithm. Instead of relying on rumored information from directly connected
neighbors as in distance vector protocols, each router in a link state system maintains a
complete topology of the network and computes SPF information based on the topology.
Link State Advertisements (LSAs) are the conveyance that enables OSPF routers to make
device, network, and routing information available for the link state database. Each router
retrieves information from the LSAs sent by other routers on the network to construct a picture
of the entire internetwork from which they distill path information to use in the routing table.
Load balancing distributes workload to processors to improve the throughput of a concurrent
connections.
To provide better information than the Multi-Exit Discriminator (MED) value provides for a
packet's path selection, BGP provides an attribute known as the LOCAL_PREF or local
preference value. You can configure the LOCAL_PREF attribute so that it has a higher value
for prefixes received from a router that provides a desired path to be higher than prefixes heard
on the router that provides a less desirable path. The higher the value, the more preferred the
route. The LOCAL_PREF attribute is the metric most often used in practice to express
preferences for one set of paths over another.
Lockout is an object state during which the object cannot be edited.
A Log is a grouping of log entries.
A log category defines the log type (alarm, config, traffic, and so on).
Appendix A: Glossary
835