Cisco PIX Firewall and VPN Configuration Guide, Version 6.3
Acronyms and Abbreviations
Downloads: This chapterpdf (PDF - 200.0KB) The complete bookPDF (PDF - 11.78MB) | Feedback

Acronyms and Abbreviations

Table Of Contents

Acronyms and Abbreviations


Acronyms and Abbreviations


This appendix lists the acronyms and abbreviations used in this document. Refer to the Cisco PIX Firewall Command Reference for information on the commands described in this section.

For more information on acronyms used in this guide, refer to the Internetworking Terms and Acronyms guide, which can be viewed online at the following website:

http://www.cisco.com/univercd/cc/td/doc/cisintwk/ita/index.htm

Table A-1 Acronyms and Abbreviations 

Acronym
Description

AAA

authentication, authorization, and accounting.

ABR

Area Border Router.

ACE

Access Control Entry.

ACL

access control list.

AH

Authentication Header.

ARP

Address Resolution Protocol—A low-level TCP/IP protocol that maps a node's hardware address (called a "MAC" address) to its IP address. Defined in RFC 826. An example hardware address is 00:00:a6:00:01:ba. (The first three groups specify the manufacturer, the rest identify the host's motherboard.)

ASBR

Autonomous System Boundary Router.

BGP

Border Gateway Protocol—While PIX Firewall does not support use of this protocol, you can set the routers on either side of the PIX Firewall to use RIP between them and then run BGP on the rest of the network before the routers.

BOOTP

Bootstrap Protocol—Lets diskless workstations boot over the network and is described in RFC 951 and RFC 1542.

CA

certification authority.

CHAP

Challenge Handshake Authentication Protocol. Security feature supported on lines using PPP encapsulation that prevents unauthorized access.

CPP

Combinet Proprietary Protocol.

chargen

Character Generation—Via TCP, a service that sends a continual stream of characters until stopped by the client. Via UDP, the server sends a random number of characters each time the client sends a datagram. Defined in RFC 864.

conn

Connection slot in PIX Firewall—Refer to the xlate command page in the Cisco PIX Firewall Command Reference for more information.

CPU

Central Processing Unit.

CRL

certificate revocation list.

CTI

Computer Telephony Integration.

CTIQBE

Computer Telephony Interface Quick Buffer Encoding.

DES

Data Encryption Standard.

DH

Diffie-Hellman.

DHCP

Dynamic Host Configuration Protocol.

DNS

Domain Name System—Operates over UDP unless zone file access over TCP is required.

DoS

Denial of service.

ECMP

Equal Cost Multi-Path.

EEPROM

Electrically Erasable Programmable Read-Only Memory.

EGP

Exterior Gateway Protocol—While PIX Firewall does not support use of this protocol, you can set the routers on either side of the PIX Firewall to use RIP between them and then run EGP on the rest of the network before the routers.

EIGRP

Enhanced Interior Gateway Routing Protocol—While PIX Firewall does not support use of this protocol, you can set the routers on either side of the PIX Firewall to use RIP between them and then run EIGRP on the rest of the network before the routers.

ESP

Encapsulating Security Payload. Refer to RFC 1827 for more information.

FDDI

Fiber Distributed Data Interface—Fiber optic interface.

FTP

File Transfer Protocol.

gaddr

Global address—An address set with the global and static commands.

GRE

Generic routing encapsulation protocol—Commonly used with Microsoft's implementation of PPTP.

H.323

A collection of protocols that allow the transmission of voice data over TCP/IP networks.

HSRP

Hot-Standby Routing Protocol.

HTTP

Hypertext Transfer Protocol—The service that handles access to the World Wide Web.

HTTPS

HTTP over SSL.

IANA

Internet Assigned Number Authority—Assigns all port and protocol numbers for use on the Internet. You can view port numbers at the following site:

http://www.iana.org/assignments/port-numbers

You can view protocol numbers at the following site:

http://www.iana.org/assignments/protocol-numbers

ICMP

Internet Control Message Protocol—This protocol is commonly used with the ping command. You can view ICMP traces through the PIX Firewall with the debug trace on command. Refer to RFC 792 for more information.

IFP

Internet Filtering Protocol.

IGMP

Internet Group Management Protocol.

IGRP

Interior Gateway Routing Protocol.

IKE

Internet Key Exchange.

IKMP

Internet Key Management Protocol.

IP

Internet Protocol.

IPCP

IP Control Protocol. Protocol that establishes and configures IP over PPP.

IPinIP

IP-in-IP encapsulation protocol.

IPSec

IP Security Protocol efforts in the IETF (Internet Engineering Task Force).

IRC

Internet Relay Chat protocol—The protocol that lets users access chat rooms.

ISAKMP

Internet Security Association and Key Management Protocol.

ITU

International Telecommunication Union.

IUA

Individual User Authentication.

JTAPI

Java TAPI.

KDC

Key Distribution Center.

LSA

link-state advertisement.

L2TP

Layer Two Tunneling Protocol.

laddr

Local address—The address of a host on a protected interface.

MGCP

Media Gateway Control Protocol.

MD5

Message Digest 5—An encryption standard for encrypting VPN packets. This same encryption is used with the aaa authentication console command to encrypt Telnet sessions to the console.

MIB

Management Information Base—Used with SNMP.

MPPE

Microsoft Point-To-Point Encryption.

MS-CHAP

Microsoft CHAP (Challenge Handshake Authentication Protocol). See "CHAP" for more information.

MSRPC

Microsoft Remote Procedure Call.

MTU

maximum transmission unit—The maximum number of bytes in a packet that can flow efficiently across the network with best response time. For Ethernet, the default MTU is 1500 bytes, but each network can have different values, with serial connections having the smallest values. The MTU is described in RFC 1191.

NAT

Network Address Translation.

NBMA

nonbroadcast multiaccess.

NetBIOS

Network Basic Input Output System—An application programming interface (API) that provides special functions for PCs in local-area networks (LANs).

NIC

Network Information Center.

NNTP

Network News Transfer Protocol—News reader service.

NOS

Network Operating System.

NSSA

not so stubby area.

NTP

Network Time Protocol—Set system clocks via the network.

NVT

Network virtual terminal.

OSPF

Open Shortest Path First protocol.

PAP

Password Authentication Protocol. Authentication protocol that lets PPP peers authenticate one another.

PAT

Port Address Translation.

PDM

PIX Device Manager.

PFS

perfect forward secrecy.

PFSS

PIX Firewall Syslog Server.

PIM

Protocol Independent Multicast.

PIM-SM

PIM sparse mode.

PIX

Private Internet Exchange.

PKI

Public Key Infrastructure.

POP

Post Office Protocol.

PPPoE

Point-to-Point Protocol over Ethernet.

PPP

Point-to-Point Protocol. Provides PIX Firewall-to-router and host-to-network connections over synchronous and asynchronous circuits.

PPTP

Point-to-Point Tunneling Protocol. RFC 2637 describes the PPTP protocol.

RA

registration authority.

RADIUS

Remote Authentication Dial-In User Service—User authentication server specified with the aaa-server command.

RAS

The registration, admission, and status protocol. Provided with H.323 support.

RC4

RC4 is stream cipher designed by Rivest for RSA Data Security, Inc. It is a variable key-size stream cipher with byte-oriented operations. The algorithm is based on the use of a random permutation.

RFC

Request For Comment—RFCs are the defacto standards of networking protocols.

RIP

Routing Information Protocol.

RPC

Remote Procedure Call.

RSA

Rivest, Shamir, and Adelman. RSA is the trade name for RSA Data Security, Inc.

RTP

Real-Time Transport Protocol.

RTCP

RTP Control Protocol.

RTSP

Real Time Streaming Protocol.

SA

security association.

SCCP

Simple (Skinny) Client Control Protocol.

SDP

Session Description Protocol.

SIP

Session Initiation Protocol.

SSH

Secure Shell.

SMR

Stub Multicast Routing.

SMTP

Simple Mail Transfer Protocol—Mail service. The fixup protocol smtp command enables the Mail Guard feature. The PIX Firewall Mail Guard feature is compliant with both the RFC 1651 EHLO and RFC 821 section 4.5.1 commands.

SNMP

Simple Network Management Protocol—Set attributes with the snmp-server command.

SPC

Shared Profile Component.

SPI

Security Parameter Index—A number which, together with a destination IP address and security protocol, uniquely identifies a particular security association.

SQL*Net

SQL*Net is a protocol Oracle uses to communicate between client and server processes. (SQL stands for Structured Query Language.)

SUA

Secure Unit Authentication.

SYN

Synchronize sequence numbers flag in the TCP header.

TACACS+

Terminal Access Controller Access Control System Plus.

TAPI

Telephony Application Programming Interface.

TSP

TAPI Service Provider.

TCP

Transmission Control Protocol. Refer to RFC 793 for more information.

TurboACL

Turbo Access Control List—A feature introduced with PIX Firewall version 6.2 that improves the performance of large ACLs.

TFTP

Trivial File Transfer Protocol.

Triple DES

Triple Data Encryption Standard. Also known as 3DES.

uauth

User authentication.

UDP

User Datagram Protocol.

URL

Universal Resource Locator.

UUIE

user-user information element.

VLAN

virtual LAN.

VoIP

Voice over IP.

VPDN

virtual private dial-up network.

VPN

Virtual Private Network.

VTP

VLAN Trunking Protocol.

WWW

World Wide Web.

Xauth

extended authentication.

XDMCP

X Display Manager Control Protocol.

xlate

Translation slot in PIX Firewall.