Cisco 7604 Configuration Manual page 712

Glossary
IP Security. A framework of open standards that provides data confidentiality, data integrity, and data
IPSec
authentication between participating peers. IPSec provides these security services at the IP layer.
IPSec uses
generate the encryption and authentication keys to be used by IPSec. IPSec can protect one or more
data flows between a pair of hosts, between a pair of security gateways, or between a security gateway
and a host.
The first phase of negotiating IPSec, includes the key exchange and the
IPSec Phase 1
The second phase of negotiating IPSec. Phase two determines the type of encryption rules used for
IPSec Phase 2
payload, the source and destination that will be used for encryption, the definition of interesting traffic
according to access lists, and the
A transform set specifies the
IPSec transform set
matching the
corresponding algorithms. The
algorithm and HMAC-SHA for authentication.
Internet Security Association and Key Management Protocol. A protocol framework that defines
ISAKMP
payload formats, the mechanics of implementing a key exchange protocol, and the negotiation of a
security association. See IKE.
Internet service provider. An organization that provides connection to the
ISP
such as modem dial in over telephone voice lines or DSL.
J
Java Telephony Application Programming Interface. A Java-based API supporting telephony
JTAPI
functions. See also TAPI.
K
A data object used for encryption, decryption, or authentication.
key
A strong network authentication protocol for client-server applications that uses secret-key
Kerberos
cryptography. Kerberos is one of the SASL mechanisms available for security appliance
authentication to an LDAP server.
L
Local area network. A network residing in one location, such as a single building or campus. See also
LAN
Internet, intranet, and network.
Networking models implement layers with which different protocols are associated. The most
layer, layers
common networking model is the OSI model, which consists of the following 7 layers, in order:
physical, data link, network, transport, session, presentation, and application.
Logical channel number.
LCN
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM
GL-10
IKE to handle the negotiation of protocols and algorithms based on local policy and to
IPSec
IPSec protocol, encryption algorithm, and hash algorithm to use on traffic
IPSec policy. A transform describes a security protocol
IPSec
peer. IPSec is applied to the interface in Phase 2.
protocol used in almost all transform sets is
ISAKMP portions of IPSec.
(AH or ESP) with its
ESP with the
Internet via their services,
OL-20748-01
DES