Juniper NETWORK AND SECURITY MANAGER 2010.4 - ADMININISTRATION GUIDE REV1 Administration Manual page 905

Trunk Port
Trust Zone
Tunnel Interface
Tunnel Zone
Tunneling
U
UDP Flood
Universal Resource
Locator (URL)
Universal Unique
IDentifier UUID)
Untrust Zone
User
Copyright © 2010, Juniper Networks, Inc.
A trunk port enables a switch to bundle traffic from several VLANs through a single physical
port, sorting the various packets by the VLAN identifier (VID) in their frame headers.
One of two predefined zones that enables packets to be secured from being seen by devices
external to your current domain.
A tunnel interfaces is the opening, or doorway, through which traffic to or from a VPN tunnel
passes. A tunnel interface can be numbered (that is, assigned an IP address) or unnumbered.
A numbered tunnel interface can be in either a tunnel zone or security zone. An unnumbered
tunnel interface can only be in a security zone that contains at least one security zone interface.
The unnumbered tunnel interface borrows the IP address from the security zone interface.
A tunnel zone is a logical segment that hosts one or more tunnel interfaces. A tunnel zone is
associated with a security zone that acts as its carrier.
A method of data encapsulation. With VPN tunneling, a mobile professional dials into a local
Internet Service Provider's Point of Presence (POP) instead of dialing directly into their corporate
network. This means that no matter where mobile professionals are located, they can dial a
local Internet Service Provider that supports VPN tunneling technology and gain access to
their corporate network, incurring only the cost of a local telephone call. When remote users
dial into their corporate network using an Internet Service Provider that supports VPN tunneling,
the remote user as well as the organization knows that it is a secure connection. All remote
dial-in users are authenticated by an authenticating server at the Internet Service Provider's
site and then again by another authenticating server on the corporate network. This means
that only authorized remote users can access their corporate network, and can access only
the hosts that they are authorized to use.
A UDP flood is an attack using multiple UDP packets. An attacker can send UDP packets to
slow the target system to the point that it can no longer handle valid connections. You can
configure the security device with a threshold to invoke UDP flood attack protection; when
UDP packet flow exceeds this threshold, the device records the UDP flood attack as a statistics.
A URL is a standard method of specifying the location of an available electronic resource. Also
known as a location or address, a URL specifies the location of files on servers. A general URL
has the syntax protocol://address. For example, http://www.srl.rmit.edu.au/pd/index.html
specifies that the protocol is http and the address is www.srl.rmit.edu.au/pd/index.html.
The UUID is a 128-bit number assigned to any object within a Distributed Computing
Environment (DCE) cell which is guaranteed to be unique.
One of two predefined zones that enables packets to be seen by devices external to your
current domain.
A user is a person using the network your security devices are protecting. NSM supports two
types of users: local users and external users.
Appendix A: Glossary
855