McAfee SG310 Administration Manual page 396

Glossary
Connection Tracking
D
Data Encryption Standard
(DES)
Dead Peer Detection
DHCP
Diffie-Hellman Group or
Oakley Group
Diffie-Hellman Key Exchange
Distinguished Name
DNS
DUN
E
Encapsulating Security
Payload (ESP)
Encryption
Ethernet
Extranet
EVDO
F
Failover
Fall-forward
Firewall
G
396 McAfee UTM Firewall 4.0.4 Administration Guide
A record of the packets that have passed through the unit, the state of each packet, and
how the packets relate to each other.
The Data Encryption Standard is a block cipher with 64-bit blocks and a 56-bit key.
The method of detecting if the remote party has a stale set of keys and if the tunnel
requires rekeying. To interoperate with the UTM Firewall appliance, it must conform to
the draft-ietf-IPSec-dpd-00.txt.
Dynamic Host Configuration Protocol. A communications protocol that assigns IP
addresses to computers when they are connected to the network.
The groups used as the basis of Diffie-Hellman key exchange in the Oakley protocol, and
in IKE.
A protocol that allows two parties without any initial shared secret to create one in a
manner immune to eavesdropping. Once they have done this, they can communicate
privately by using that shared secret as a key for a block cipher or as the basis for key
exchange.
A list of attributes that defines the description of the certificate. These attributes include:
country, state, locality, organization, organizational appliance and common name.
Domain Name System that allocates Internet domain names and translates them into IP
addresses. A domain name is a meaningful and easy to remember name for an IP
address.
Dial Up Networking.
Encapsulated Security Payload is the IPSec protocol which provides encryption and can
also provide authentication service.
The technique for converting a readable message (plaintext) into apparently random
material (ciphertext) which cannot be read if intercepted. The proper decryption key is
required to read the message.
A physical layer protocol based upon IEEE standards.
A private network that uses the public Internet to securely share business information
and operations with suppliers, vendors, partners, customers, or other businesses.
Extranets add external parties to a company's intranet.
Evolution – Data Optimized. A 3G cellular technology that offers greater bandwidth and
higher connection speeds.
A method for detecting that the main Internet connection (usually a broadband
connection) has failed and the UTM Firewall appliance cannot communicate with the
Internet. If this occurs, the appliance automatically moves to a lower speed, secondary
Internet connection.
A method for shutting down the failover connection when the main Internet connection
can be re-established.
A network gateway device that protects a private network from users on other networks.
A firewall is usually installed to allow users on an intranet access to the public Internet
without allowing public Internet users access to the intranet.