Glossary
GL-18
Cisco Security Appliance Command Line Configuration Guide
OL-12172-03
SDP
Session Definition Protocol. An
IETF
protocol for the definition of Multimedia Services. SDP
messages can be part of
SGCP
and
MGCP
messages.
secondary unit
The backup security appliance when two are operating in failover mode.
secret key
A secret key is a key shared only between the sender and receiver. See
key
,
public key
.
security context
You can partition a single security appliance into multiple virtual firewalls, known as security
contexts. Each context is an independent firewall, with its own security policy, interfaces, and
administrators. Multiple contexts are similar to having multiple stand-alone firewalls.
security services
See
cryptography
.
serial transmission
A method of data transmission in which the bits of a data character are transmitted sequentially over
a single channel.
SGCP
Simple Gateway Control Protocol. Controls
VoIP
gateways by an external call control element (called
a call-agent).
SGSN
Serving GPRS Support Node. The SGSN ensures mobility management, session management and
packet relaying functions.
SHA-1
Secure Hash Algorithm 1. SHA-1 [NIS94c] is a revision to SHA that was published in 1994. SHA is
closely modeled after MD4 and produces a 160-bit digest. Because SHA produces a 160-bit digest, it
is more resistant to brute-force attacks than 128-bit hashes (such as
MD5
), but it is slower. Secure
Hash Algorithm 1 is a joint creation of the National Institute of Standards and Technology and the
National Security Agency. This algorithm, like other hash algorithms, is used to generate a hash value,
also known as a message digest, that acts like a
CRC
used in lower-layer protocols to ensure that
message contents are not changed during transmission. SHA-1 is generally considered more secure
than
MD5
.
SIP
Session Initiation Protocol. Enables call handling sessions, particularly two-party audio conferences,
or “calls.” SIP works with
SDP
for call signaling.
SDP
specifies the ports for the media stream. Using
SIP, the security appliance can support any SIP
VoIP
gateways and
VoIP
proxy servers.
site-to-site VPN
A site-to-site
VPN
is established between two
IPSec
peers that connect remote networks into a single
VPN
. In this type of
VPN
, neither
IPSec
peer is the destination or source of user traffic. Instead, each
IPSec
peer provides encryption and authentication services for hosts on the
LAN
s connected to each
IPSec
peer. The hosts on each
LAN
send and receive data through the secure tunnel established by the
pair of
IPSec
peers.
SKEME
A key exchange protocol that defines how to derive authenticated keying material, with rapid key
refreshment.
SMR
Stub Multicast Routing. SMR allows the security appliance to function as a “stub router.” A stub
router is a device that acts as an
IGMP
proxy agent.
IGMP
is used to dynamically register specific
hosts in a multicast group on a particular
LAN
with a multicast router. Multicast routers route
multicast data transmissions to hosts that are registered to receive specific multimedia or other
broadcasts. A stub router forwards
IGMP
messages between hosts and
MC router
s.
SMTP
Simple Mail Transfer Protocol. SMTP is an Internet protocol that supports email services.
SNMP
Simple Network Management Protocol. A standard method for managing network devices using data
structures called Management Information Bases.
Summary of Contents for 500 Series
Page 38: ...Contents xxxviii Cisco Security Appliance Command Line Configuration Guide OL 12172 03 ...
Page 45: ...P A R T 1 Getting Started and General Information ...
Page 46: ......
Page 277: ...P A R T 2 Configuring the Firewall ...
Page 278: ......
Page 561: ...P A R T 3 Configuring VPN ...
Page 562: ......
Page 891: ...P A R T 4 System Administration ...
Page 892: ......
Page 975: ...P A R T 5 Reference ...
Page 976: ......