A-16
Appendix A: Glossary
P
P2P
Peer-to-Peer
. A P2P network is comprised of peer nodes rather than clients
and servers. P2P software allows end-users to connect directly to other end-
users and is used for file sharing. Many P2P software packages are considered
spyware
, and their use can be discouraged or even prohibited by corporate
policies.
PAP
Password Authentication Protocol
. A protocol used to authenticate a client
to a remote server or an Internet service provider. PAP transmits usernames
and passwords in unencrypted plaintext, making it insecure. For more infor-
mation, see RFC 1334 at
http://www.ietf.org/rfc/rfc1334.txt
.
PCM
ProCurve Manager
. ProCurve’s SNMP solution.
PEAP
Protected
EAP
. A transport mechanism developed to provide much of the
security of
EAP-TLS
without forcing
endpoints
to use digital
certificates
, thereby
drastically cutting the work to implement the protocol. PEAP requires only a
server-side
PKI
certificate to create a secure
TLS
tunnel to protect end-user
authentication
.
peer-to-peer
See
P2P
.
PEM
Privacy Enhanced Mail
. An IETF proposal to secure emails with
public keys
.
PEM depends on prior distribution of a hierarchical
PKI
with a single root. For
more information, see RFCs 1421–1424 at
http://www.ietf.org/rfc.html
.
permanent agent
An
agent
that is installed on an
endpoint
and that is not removed. The
NAC EI
agent
is a permanent agent.
See also
transient agent
.
PKI
Public Key Infrastructure
. A system of digital
certificates
,
CA
s, and other
registration authorities that verify and authenticate each party in an Internet
transaction. PKI enables devices to privately exchange data using a public
infrastructure such as the Internet by managing
key
s and certificates. From a
trusted CA, an end-user obtains a certificate, which includes the user’s iden-
tification information, a
public key
, and the CA’s signature. The end-user also
obtains the corresponding
private key
. The user authenticates with the certif-
icate. In addition, devices can encrypt messages destined to the user with the
user’s public key, which the user’s endpoint then decrypts with the private key.
See also
DSS
.
post-connect
testing
NAC tests that are run on endpoints after they have already connected
successfully to the network. The network administrator configures the length
of the
retest frequency
. If a device has become infected or no longer complies
with an organization’s security policies, the NAC 800 quarantines it.
Summary of Contents for 800
Page 1: ...Configuration Guide www procurve com ProCurve Network Access Controller 800 ...
Page 2: ......
Page 3: ...ProCurve Network Access Controller 800 Configuration Guide April 2008 1 0 30398 ...
Page 74: ...1 62 Overview of the ProCurve NAC 800 Deployment Methods ...
Page 155: ...3 27 Initial Setup of the ProCurve NAC 800 System Settings ...
Page 194: ...3 66 Initial Setup of the ProCurve NAC 800 Digital Certificates ...
Page 336: ...6 8 Disabling Endpoint Integrity Testing Overview ...
Page 354: ...7 18 Redundancy and Backup for RADIUS Services Back Up Your NAC 800 Configuration ...
Page 380: ...A 26 Appendix A Glossary ...
Page 394: ...B 14 Appendix B Linux Commands Service Commands ...
Page 405: ......