User's Manual
device fingerprint Information collected about a device for the purpose of identification. Fingerprints can
fully or partially identify individual users or devices even when cookies are turned off.
device name Within the device family, a classification based on granular details such as OS version—for
example, if the device family is Windows, the value for device name might be Windows 7 or Windows 2008
Server. One of three hierarchical elements in a device profile.
device provisioning Process of preparing a device for use on an enterprise network, by creating the
appropriate access credentials and setting up the network connection parameters. Same as onboarding.
DHCP Dynamic Host Configuration Protocol. An auto-configuration protocol used on IP networks. Computers
or any network peripherals that are connected to IP networks must be configured before they can
communicate with other computers on the network. DHCP allows a computer to be configured automatically,
eliminating the need for a network administrator. DHCP also provides a central database to keep track of
computers connected to the network; this database helps prevent any two computers from being configured
with the same IP address.
digital certificate Contains identification data (see distinguished name) and the public key portion of a
public/private key pair, and a signature that is generated by a certificate authority. The signature ensures the
integrity of the data in the certificate (only the certificate authority can create valid certificates).
Disconnect-Ack NAS response packet to a Disconnect-Request, indicating that the session was disconnected.
Disconnect-Nak NAS response packet to a Disconnect-Request, indicating that the session could not be
disconnected.
Disconnect-Request RADIUS packet type sent to a NAS requesting that a user or session be disconnected.
dissolvable agent Functionality within ClearPass OnGuard. Performs a one-time check at login to ensure
policy compliance. Devices not meeting compliance can be redirected to a captive portal for manual
remediation. When the browser page used during authentication is closed, the dissolvable agent is removed,
leaving no trace. The Web-based dissolvable agent is ideal for personal, non IT-issued devices that connect via a
captive portal and do not allow agents to be permanently installed. See also persistent agent and OnGuard.
distinguished name (DN) Series of fields in a digital certificate that, taken together, constitute the unique
identity of the person or device that owns the digital certificate. Common fields in a distinguished name include
country, state, locality, organization, organizational unit, and the “common name”, which is the primary name
used to identify the certificate.
DN See distinguished name.
EAP Extensible Authentication Protocol (RFC 3748). An authentication framework that supports multiple
authentication methods. In tunneled EAP methods, authentication and posture credential exchanges occur
inside of a protected outer tunnel.
EAP-FAST EAP – Flexible Authentication Secure Tunnel. (tunneled)
EAP-GTC EAP Generic Token Card. (non-tunneled)
EAP-MD5 EAP-Method Digest 5. (non-tunneled)
EAP-MSCHAP; EAP-MSCHAPv2 EAP Microsoft Challenge Handshake Authentication Protocol, version 1 and
version 2. (non-tunneled)
EAPoUDP EAP over UDP. See also UDP.
EAP-PEAP Protected EAP. A widely-used protocol for securely transporting authentication data across a
network. (tunneled)
EAP-TLS EAP – Transport LayerSecurity (RFC 5216). A certificate-based authentication method supporting
mutual authentication, integrity-protected ciphersuite negotiation and key exchange between two endpoints.
Dell Networking W-ClearPass Guest 6.4 | User Guide Glossary | 537