359
Ident
The
Ident
protocol is used for identification of user who established certain TCP connec-
tion from a particular (multi-user) system. The
Ident
service is used for example by IRC
servers, FTP servers and other services.
More information (in English) can be found for example at
IMAP
Internet Message Access Protocol (IMAP) enables clients to manage messages stored on
a mail server without downloading them to a local computer. This architecture allows the
user to access his/her mail from multiple locations (messages downloaded to a local host
disk would not be available from other locations).
IP address
IP address is a unique 32-bit number used to identify the host in the Internet. It is spec-
ified by numbers of the decimal system (
0-255
) separated by dots (e.g.
195.129.33.1
).
Each packet contains information about where it was sent from (source IP address) and
to which address it is to be delivered (destination IP address).
IPSec
IPsec
(
IP Security Protocol
) is an extended IP protocol which enables secure data transfer.
It provides services similar to SSL/TLS, however, these services are provided on a network
layer. IPSec can be used for creation of encrypted tunnels between networks (VPN) — so
called tunnel mode, or for encryption of traffic between two hosts— so called transport
mode.
Kerberos
Kerberos is a system used for secure user authentication in network environments. It was
developed at the
MIT
university and it is a standard protocol used for user authentication
under
Windows 2000/2003/2008
. Users use their passwords to authenticate to the central
server (
KDC, Key Distribution Center
) and the server sends them encrypted tickets which
can be used to authenticate to various services in the network. In case of the
Windows
2000/2003/2008
domains, function of
KDC
is provided by the particular domain server.
LDAP
LDAP (Lightweight Directory Access Protocol) is an Internet protocol used to access di-
rectory services. Information about user accounts and user rights, about hosts included
in the network, etc. are stored in the directories.
NAT
NAT
(
Network Address Translation
) stands for substitution of IP addresses in packets
passing through the firewall:
•
source address translation (
Source NAT, SNAT
) — in packets going from local
networks to the Internet source (private) IP addresses are substituted with the
external (public) firewall address. Each packet sent from the local network is
recorded in the NAT table. If any packet incoming from the Internet matches
with a record included in this table, its destination IP address will be substituted
by the IP address of the appropriate host within the local network and the packet
Summary of Contents for KERIO WINROUTE FIREWALL 6
Page 1: ...Kerio WinRoute Firewall 6 Administrator s Guide Kerio Technologies s r o...
Page 157: ...12 3 Content Rating System Kerio Web Filter 157 Figure 12 7 Kerio Web Filter rule...
Page 247: ...19 4 Alerts 247 Figure 19 14 Details of a selected event...
Page 330: ...Chapter 23 Kerio VPN 330 Figure 23 55 The Paris filial office VPN server configuration...
Page 368: ...368...