McAfee SG310 Administration Manual page 397

Utm firewall

Glossary
Gateway
A machine that provides a route (or pathway) to the outside world.

H

Hashes
A code, calculated based on the contents of a message. This code should have the property that it is extremely difficult to construct a message so that its hash comes to a specific value. Hashes are useful because they can be attached to a message, and demonstrate that it has not been modified. If a message were to be modified, then its hash would have changed, and would no longer match the original hash value.

Hub
A network device that allows more than one computer to be connected as a LAN, usually using UTP cabling.

I-J

IDB
Intruder Detection and Blocking. A feature of your UTM Firewall appliance that detects connection attempts from intruders and can also optionally block all further connection attempts from the intruder's machine.

Internet
A worldwide system of computer networks. A public, cooperative, and self-sustaining network of networks accessible to hundreds of millions of people worldwide. The Internet is technically distinguished because it uses the TCP/IP set of protocols.

Intranet
A private TCP/IP network within an enterprise.

Intrusion Prevention System (IPS)
A Snort mode that resides behind the firewall and detects and blocks a wide range of attacks.

IP Compression
A good encryption algorithm produces ciphertext that is evenly distributed. This makes it difficult to compress. If one wishes to compress the data, it must be done prior to encrypting. The IPcomp header provides for this. One of the problems of tunnel mode is that it adds 20 bytes of IP header, plus 28 bytes of ESP overhead to each packet. This can cause large packets to be fragmented. Compressing the packet first may make it small enough to avoid this fragmentation.

IPSec
Internet Protocol Security. IPSec provides interoperable, high quality, cryptographically-based security at the IP layer and offers protection for network communications.

IPSec tunnel
The IPSec connection to securely link two private parties across insecure and public channels.

IPSec with Dynamic DNS
Dynamic DNS can be run on the IPSec endpoints, thereby creating an IPSec tunnel using dynamic IP addresses.

IKE
IKE is a profile of ISAKMP that is for use by IPSec. It is often called simply IKE. IKE creates a private, authenticated key management channel. Using that channel, two peers can communicate, arranging for session keys to be generated for AH, ESP or IPcomp. The channel is used for the peers to agree on the encryption, authentication and compression algorithms to be used. The traffic to which the policies are applied is also agreed upon.

ISAKMP
ISAKMP is a framework for doing Security Association Key Management. It can, in theory, be used to produce session keys for many different systems, not just IPSec.

K

Key lifetimes
The length of time before keys are renegotiated.

L

LAN
Local Area Network.

LED
Light-Emitting Diode.

McAfee UTM Firewall 4.0.4 Administration Guide


This manual is also suitable for: SG560, SG560U, SG565, SG580
