Symantec 460R - Gateway Security Administrator's Manual page 172

172 Glossary
logon procedure
MAC (Media Access Control) On a network, a computer's unique hardware number. The MAC address is used by the Media Access Control sublayer
main mode
MIME (Multipurpose
Internet Mail Extensions)
modem
monitoring
multicast
multicasting
name server
NAT (Network Address
Translation)
NAT (Network Address
Translation) pool
network
NIDS (network-based
intrusion detection system)
NNTP (Network News
Transfer Protocol)
node
NTP
null modem cable
online
The process of identifying oneself to a computer after connecting to it by means of a directly connected keyboard or
over a communications line. During the logon procedure, the computer usually requests a user name and password.
On a computer used by more than one person, the logon procedure identifies authorized users, keeps track of their
usage time, and maintains security by controlling access to sensitive files or actions.
of the Data Link Control (DLC) layer of telecommunication protocols. There is a different MAC sublayer for each
physical device type. The data-link layer is the protocol layer in a program that handles the moving of data in and out
across a physical link in a network.
An ISAKMP (IKE) negotiation typically used for gateway-to-gateway VPN tunnels where the originating IP address of
both parties is known. More secure than the abbreviated aggressive mode, which doesn't use IP source as part of the
authentication exchange. See also aggressive mode.
A protocol for transmitting documents with different formats over the Internet.
A device that enables a computer to transmit information over a standard telephone line. Modems can transmit at
different speeds or data transfer rates. See also bps.
The viewing of activity in a security environment, generally in real-time. Monitoring lets administrators view the
content of applications that are being used.
A bandwidth-conserving technology that reduces traffic by simultaneously delivering a single stream of information
to the members of a multicast group. Using a multicast router, packets sent from a single source are reviewed,
replicated, and sent to all members in the multicast group.
A method of cloning packets and sending them to a group of computers simultaneously across a network.
A computer running a program that converts domain names into appropriate IP addresses and vice versa. See also
DNS.
A technique that hides a packet's real source or destination address by changing it to different IP address. For
example, a security gateway might change the source IP address of a packet that originates from a protected host to
the same IP address as the security gateway's outside interface. This results in all external hosts thinking that the
packet originated from the security gateway, thus effectively hiding the real source host.
A set of addresses that are designated as replacement addresses for client IP addresses. You can use this NAT pool
addressing capability to conserve IP addresses, resolve address conflicts, and create virtual clients.
A group of computers and associated devices that are connected by communications facilities (both hardware and
software) for the purpose of sharing information and peripheral devices such as printers and modems. See also LAN
(local area network).
A type of intrusion detection system that works at the network level by monitoring packets on the network and
gauging whether a hacker is attempting to sending a large number of connection requests to a computer on the
network, indicating an attempt either to break into a system or cause a denial of service attack. Unlike other
intrusion detection systems, a NIDS is able to monitor numerous computers at once.
The predominant protocol used by computers (servers and clients) for managing the notes posted on newsgroups.
NNTP replaced the original Usenet protocol, UNIX-to-UNIX.
In a network, an addressable device that is attached to the network and can recognize, process, or forward data
transmissions.
A protocol used to synchronize or set the real-time clock in a computer or appliance. There are numerous publicly
available primary and secondary servers in the Internet that are synchronized to the Coordinated Universal Time
(UTC).
A cable that enables two computers to communicate without the use of modems. A null modem cable accomplishes
this by crossing the sending and receiving wires so that the wire used for transmitting by one device is used for
receiving by the other and vice versa.
The state of being connected to the Internet. When a user is connected to the Internet, the user is said to be online.