Cisco PIX 520 - PIX Firewall 520 Online Help Manual page 7

Conduit—An exception to the PIX Firewall Adaptive Security Algorithm permitting connections from external
to internal networks. Refer to the Configuration Guide for the Cisco Secure PIX Firewall Version x.x for
information on conduits.
Configuration, Config, Config File—The PIX Firewall file which represents the equivalent of settings,
preferences, and properties administered by PDM or the CLI. See also Configuration File Terminology.
CSPM—Cisco Secure Policy Manager (CSPM) is a multi-device management tool for Cisco security products
including PIX firewalls, Cisco IOS firewalls, VPN routers and Intrusion Detection System (IDS) Sensors. CSPM
also provides other management services including monitoring, notification and reporting. For more information,
see http://wwwin.cisco.com/cmc/cc/pd/sqsw/sqppmn/prodlit/csp22_rg.htm . Caution: CSPM operates on the
assumption that it is the only management interface for the PIX, and it will overwrite configuration changes made
through other means, including PDM. See CSPM and PDM in Applying Configuration Changes for additional
information.
Cut-Through Proxies—User-based authentication of inbound or outbound connections. Allows security policies
to be enforced on a per-user-ID basis, providing faster traffic flow after authentication.
DHCP—Dynamic Host Configuration Protocol. Provides a mechanism for allocating IP addresses to hosts
dynamically, so that addresses can be reused when hosts no longer need them.
DMZ—See Interface
DNS—Domain Name System (or Service). An Internet service that translates domain names, which are
alphabetic, into IP addresses, which are composed of numbers.
Dynamic PAT, NAT—See NAT, PAT, Address Translation.
E-H
ECHO—See Ping, ICMP. See also Fixup.
Failover, Failover mode—The PIX Firewall feature which links a primary unit and standby (or secondary) unit
together, sharing the same configuration file, so that, if the primary fails, the standby unit can continue to provide
network services. See also System Properties>Failover.
Fixup—A procedure the PIX Firewall employs to process certain application-level protocols. The specific
processing performed by a Fixup will vary by protocol, and can include tasks such as translating IP addresses
embedded in the protocol payload and providing access through the PIX Firewall for dynamically-created data
sessions.
Flash, Flash memory—A memory chip which retains data without power. A type of nonvolatile storage device.
The PIX Firewall configuration may written to its internal Flash by a menu item or . Note: Not related to
Macromedia Flash, a web animation plug-in and file format standard.
FragGuard feature—a Cisco feature that provides IP fragment protection and performs full reassembly of all
ICMP error messages and virtual reassembly of the remaining IP fragments that are routed through the PIX