Glossary
FortiGate-100A Administration Guide
01-28007-0068-20041203
363
Glossary
address
: An IP address (logical address) or the
address of a physical interface (hardware address). An
Ethernet address is sometimes called a MAC address.
See also
IP address
.
aggressive mode
: A way to establish a secure
channel during IPSec phase 1 negotiations when the
VPN peer uses its identity as part of the authentication
process. See also
main mode
.
AH, Authentication Header
: An IPSec security
protocol. Fortinet IPSec uses ESP in tunnel mode, not
AH. See
ESP
.
ARP, Address Resolution Protocol
: A protocol that
resolves a logical IP address to a physical Ethernet
address.
authentication
: A process whereby a server
determines whether a client may establish a
connection and access private resources.
CA, Certificate Authority
: A company that issues
digital certificates to validate the identity of a person or
entity in an online exchange.
CHAP, Challenge Handshake Authentication
Protocol
: An authentication protocol supported by
PPP. See also
PPP
.
client
: An application that requires and requests
services from a server.
cluster
: A group of servers configured to act as a
single fault-tolerant unit.
connection
: A link between computers, applications,
or processes that can be logical, physical, or both.
decryption
: A method of decoding an encrypted file
into its original state.
DHCP, Dynamic Host Configuration Protocol
: An
Internet protocol that assigns IP addresses to network
clients, usually when the client connects to the Internet.
Diffie-Hellman
: An algorithm for establishing a shared
secret key over an insecure medium. See
Diffie-
Hellman group
.
Diffie-Hellman group
: FortiGate units support Diffie-
Hellman groups 1, 2 and 5. The size of the modulus
used to calculate the key varies according to the group:
• Group 1: 768-bit modulus
• Group 2: 1024-bit modulus
• Group 5: 1536-bit modulus
digital certificate
: A digital document that guarantees
the identity of a person or entity and is issued by a CA.
DMZ, Demilitarized Zone
: An untrusted area of a
private network, usually used to host Internet services
without allowing unauthorized access to an internal
(private) network. Typically, the DMZ contains servers
accessible to Internet traffic, such as Web, FTP, SMTP,
and DNS servers.
DMZ interface
: The FortiGate interface that connects
to a DMZ network.
DNS, Domain Name System
: A service that converts
symbolic node names to IP addresses. A domain name
server (DNS server) implements the protocol.
DoS, Denial-of-Service
: An attempt to disrupt a
service by flooding the network with fake requests that
consume network resources.
DSL, Digital Subscriber Line
: A way to access the
Internet at higher speeds using existing copper
telephone lines. Users can maintain a continuous
connection to the Internet and use the phone
simultaneously.
encapsulate
: Add a header to a packet to create a unit
of transmission that matches the unit of transmission
on a different network layer.
encryption
: A method of encoding a file so that it
cannot be understood. The information must be
decrypted before it can be used.
endpoint
: The IP address or port number that defines
one end of a connection.
ESP, Encapsulated Security Protocol
: An IPSec
security protocol that provides encapsulation of
encrypted data—IP packets are embedded in other IP
packets so that the originating source and destination
IP addresses cannot be seen on the Internet.
Содержание FortiGate 100A
Страница 12: ...Contents 12 01 28007 0068 20041203 Fortinet Inc ...
Страница 24: ...24 01 28007 0068 20041203 Fortinet Inc FortiLog documentation Introduction ...
Страница 46: ...46 01 28007 0068 20041203 Fortinet Inc Installing and using a backup firmware image System status ...
Страница 72: ...72 01 28007 0068 20041203 Fortinet Inc Transparent mode VLAN settings System network ...
Страница 80: ...80 01 28007 0068 20041203 Fortinet Inc DHCP IP MAC binding settings System DHCP ...
Страница 114: ...114 01 28007 0068 20041203 Fortinet Inc Access profile options System administration ...
Страница 232: ...232 01 28007 0068 20041203 Fortinet Inc Profile CLI configuration Firewall ...
Страница 244: ...244 01 28007 0068 20041203 Fortinet Inc peergrp Users and authentication ...
Страница 276: ...276 01 28007 0068 20041203 Fortinet Inc ipsec vip VPN ...
Страница 338: ...338 01 28007 0068 20041203 Fortinet Inc Configuring the banned word list Spam filter ...
Страница 356: ...356 01 28007 0068 20041203 Fortinet Inc syslogd setting Log Report ...
Страница 374: ...374 01 28007 0068 20041203 Fortinet Inc Index ...