User manual

ManualsBrandsSecure Computing ManualsComputer equipmentSG550

281

282

283

284

285

286

287

288

289

290

Appendix A – Terminology

280

SHA Secure Hash Algorithm, a 160 bit hash. It is one of two message digest

algorithms available in IPSec.

Security

Parameter Index

(SPI)

Security Parameter Index, an index used within IPsec to keep

connections distinct. Without the SPI, two connections to the same

gateway using the same protocol could not be distinguished.

Subnet mask See "Net mask".

Switch A network device that is similar to a hub, but much smarter. Although

not a full router, a switch partically understands how to route Internet

packets. A switch increases LAN efficiency by utilizing bandwidth more

effectively.

TCP/IP Transmission Control Protocol/Internet Protocol. The basic protocol for

Internet communication.

TCP/IP address Fundamental Internet addressing method that uses the form

nnn.nnn.nnn.nnn.

TripleDES

(3DES)

Using three DES encryptions on a single data block, with at least two

different keys, to get higher security than is available from a single DES

pass.

UTC Coordinated Universal Time.

UTP Unshielded Twisted Pair cabling. A type of Ethernet cable that can

operate up to 100Mbits/s. Also known as Category 5 or CAT 5.

VPN Virtual Private Networking. When two locations commmunicate

securely and effectively across a public network (e.g. the Internet).

The three key features of VPN technology are privacy (nobody can see

what you are communicating), authentication (you know who you are

communicating with), and integrity (nobody can tamper with your

messages/data).

WAN Wide Area Network.

WINS Windows Internet Naming Service that manages the association of

workstation names and locations with IP addresses.

x.509 Certificates An x.509 certificate includes the format of the certificate, the serial

number of the certificate, the algorithm used to sign the certificate, the

name of the CA that issued the certificate, the name and public key of

the entity requesting the certificate, and the CA's signature.x.509

certificates are used to authenticate the remote party against a

Certificate Authority's (CA) certificate. The CA certificate must have

signed the local certificates that are used for tunnel authentication.

Certificates need to be uploaded into the SG unit before a tunnel can

be configured to use them (see Certificate Management).