TMS zl Management and Configuration Guide ST.1.0.090213
Glossary
firewall zone One of 11 pre-defined zones, which are logical groupings of VLANs for which
you can configure similar firewall access policies. The Self zone filters all
traffic to or from the module itself. Access control zones filter traffic that
crosses VLAN boundaries: External, Internal, DMZ, Self, Zone1, Zone2, Zone3,
Zone4, Zone5, and Zone6.
FQDN Fully Qualified Domain Name. An FQDN specifies the exact location of a
node in the DNS’s tree hierarchy. For example: eng.procurve.edu.
fragment before IPsec An IPsec option where packets are fragmented before they are encrypted. This
helps remote tunnel endpoints process and decrypt the packets more quickly.
FTP File Transfer Protocol. A protocol for transferring files between networks,
which only runs on top of TCP. FTP servers “listen” on port 21 for requests
from a client. When a request is received, the host and client negotiate an
alternate port through which they will send the data. The data can be sent in
active, passive, or extended passive modes. FTP offers no method for encrypting
data, and is inherently insecure. For more information, see RFC 959 at
http://www.ietf.org/rfc/rfc0959.txt.
FTP bounce An attack in which the attacker uses the PORT command to indirectly scan
the ports of the targeted device. The FTP ALG protects against this attack.
G
gain access A signature family for attacks wherein the attacker attempts to gain access to
your network.
gateway The network node that provides access to other networks or subnets.
global maximum connections The cumulative maximum number of connections allowed for all zones.
global trusted certificate A digital certificate that is created by a trusted CA. Also known as a root
certificate.
GRE Generic Routing Encapsulation. A protocol that sends multicast or non-IP
packets through a tunnel on IP networks.
GRE over IPsec A method for securing GRE tunnels with IPsec for traffic that requires data
integrity or data privacy.
GRE tunnel A tunnel that is created by GRE which establishes a virtual point-to-point
connection between two devices across an intervening network.
guest user group A local user group designated for guest access.