User guide

Glossary
94 (98) EN/LZT 108 6492 R1
April 2003
accessing private networks connected to the Internet, especially intranets. All
messages entering or leaving the intranet pass through the firewall, which examines
each message and blocks those that do not meet the specified security criteria.
There are several types of firewall techniques:
Packet filter: Looks at each packet entering or leaving the network and accepts or
rejects it based on user-defined rules. Packet filtering is fairly effective and
transparent to users, but it is difficult to configure. In addition, it is susceptible to
IP spoofing.
Application gateway: Applies security mechanisms to specific applications, such
as FTP and Telnet servers. This is very effective, but can impose a performance
degradation.
Circuit-level gateway: Applies security mechanisms when a TCP or UDP
connection is established. Once the connection has been made, packets can flow
between the hosts without further checking.
Proxy server: Intercepts all messages entering and leaving the network. The proxy
server effectively hides the true network addresses.
In practice, many firewalls use two or more of these techniques in concert.
Firmware
Software (programs or data) that has been written onto read-only memory (ROM).
Firmware is a combination of software and hardware.
FTP
Abbreviation of File Transfer Protocol, the protocol used on the Internet for sending
files.
Host
A computer that is connected to a TCP/IP network, including the Internet. Each host
has a unique IP address.
HTTP
Short for HyperText Transfer Protocol, the underlying protocol used by the World
Wide Web. HTTP defines how messages are formatted and transmitted, and what
actions Web servers and browsers should take in response to various commands. For
example, when you enter a URL in your browser, this actually sends an HTTP
command to the Web server directing it to fetch and transmit the requested Web page.
IANA
Short for Internet Assigned Numbers Authority, an organization working under the
auspices of the Internet Architecture Board (IAB) that is responsible for assigning new
Internet-wide IP addresses.
ICMP
Short for Internet Control Message Protocol, an extension to the Internet Protocol
(IP). ICMP supports packets containing error, control, and informational messages.
The PING command, for example, uses ICMP to test an Internet connection.
IETF
Short for Internet Engineering Task Force, the main standards organization for the
Internet. The IETF is a large open international community of network designers,
operators, vendors, and researchers concerned with the evolution of the Internet
architecture and the smooth operation of the Internet. It is open to any interested
individual.