Table A-1 Acronyms and Abbreviations

| Acronym | Description |
|---|---|
| AAA | authentication, authorization, and accounting. |
| ABR | Area Border Router. |
| ACE | Access Control Entry. |
| ACL | access control list. |
| AH | Authentication Header. |
| ARP | Address Resolution Protocol—A low-level TCP/IP protocol that maps a node's hardware address (called a "MAC" address) to its IP address. Defined in RFC 826. An example hardware address is 00:00:a6:00:01:ba. (The first three groups specify the manufacturer, the rest identify the host's motherboard.) |
| ASBR | Autonomous System Boundary Router. |
| BGP | Border Gateway Protocol—While PIX Firewall does not support use of this protocol, you can set the routers on either side of the PIX Firewall to use RIP between them and then run BGP on the rest of the network before the routers. |
| BOOTP | Bootstrap Protocol—Lets diskless workstations boot over the network and is described in RFC 951 and RFC 1542. |
| CA | certification authority. |
| CHAP | Challenge Handshake Authentication Protocol. Security feature supported on lines using PPP encapsulation that prevents unauthorized access. |
| CPP | Combinet Proprietary Protocol. |
| chargen | Character Generation—Via TCP, a service that sends a continual stream of characters until stopped by the client. Via UDP, the server sends a random number of characters each time the client sends a datagram. Defined in RFC 864. |
| conn | Connection slot in PIX Firewall—Refer to the xlate command page in the Cisco PIX Firewall Command Reference for more information. |
| CPU | Central Processing Unit. |
| CRL | certificate revocation list. |
| CTI | Computer Telephony Integration. |
| CTIQBE | Computer Telephony Interface Quick Buffer Encoding. |
| DES | Data Encryption Standard. |
| DH | Diffie-Hellman. |
| DHCP | Dynamic Host Configuration Protocol. |
| DNS | Domain Name System—Operates over UDP unless zone file access over TCP is required. |
| DoS | Denial of service. |
| ECMP | Equal Cost Multi-Path. |
| EEPROM | Electrically Erasable Programmable Read-Only Memory. |
| EGP | Exterior Gateway Protocol—While PIX Firewall does not support use of this protocol, you can set the routers on either side of the PIX Firewall to use RIP between them and then run EGP on the rest of the network before the routers. |
| EIGRP | Enhanced Interior Gateway Routing Protocol—While PIX Firewall does not support use of this protocol, you can set the routers on either side of the PIX Firewall to use RIP between them and then run EIGRP on the rest of the network before the routers. |
| ESP | Encapsulating Security Payload. Refer to RFC 1827 for more information. |
| FDDI | Fiber Distributed Data Interface—Fiber optic interface. |
| FTP | File Transfer Protocol. |
| gaddr | Global address—An address set with the global and static commands. |
| GRE | Generic routing encapsulation protocol—Commonly used with Microsoft's implementation of PPTP. |
| H.323 | A collection of protocols that allow the transmission of voice data over TCP/IP networks. |
| HSRP | Hot-Standby Routing Protocol. |
| HTTP | Hypertext Transfer Protocol—The service that handles access to the World Wide Web. |
| HTTPS | HTTP over SSL. |
| IANA | Internet Assigned Numbers Authority—Assigns all port and protocol numbers for use on the Internet. You can view port numbers at the following site: http://www.iana.org/assignments/port-numbers You can view protocol numbers at the following site: http://www.iana.org/assignments/protocol-numbers |
| ICMP | Internet Control Message Protocol—This protocol is commonly used with the ping command. You can view ICMP traces through the PIX Firewall with the debug trace on command. Refer to RFC 792 for more information. |
| IFP | Internet Filtering Protocol. |
| IGMP | Internet Group Management Protocol. |
| IGRP | Interior Gateway Routing Protocol. |
| IKE | Internet Key Exchange. |
| IKMP | Internet Key Management Protocol. |
| IP | Internet Protocol. |
| IPCP | IP Control Protocol. Protocol that establishes and configures IP over PPP. |
| IPinIP | IP-in-IP encapsulation protocol. |
| IPSec | IP Security Protocol efforts in the IETF (Internet Engineering Task Force). |
| IRC | Internet Relay Chat protocol—The protocol that lets users access chat rooms. |
| ISAKMP | Internet Security Association and Key Management Protocol. |
| ITU | International Telecommunication Union. |
| IUA | Individual User Authentication. |
| JTAPI | Java TAPI. |
| KDC | Key Distribution Center. |
| LSA | link-state advertisement. |
| L2TP | Layer Two Tunneling Protocol. |
| laddr | Local address—The address of a host on a protected interface. |
| MGCP | Media Gateway Control Protocol. |
| MD5 | Message Digest 5—An encryption standard for encrypting VPN packets. This same encryption is used with the aaa authentication console command to encrypt Telnet sessions to the console. |
| MIB | Management Information Base—Used with SNMP. |
| MPPE | Microsoft Point-To-Point Encryption. |
| MS-CHAP | Microsoft CHAP (Challenge Handshake Authentication Protocol). See "CHAP" for more information. |
| MSRPC | Microsoft Remote Procedure Call. |
| MTU | maximum transmission unit—The maximum number of bytes in a packet that can flow efficiently across the network with best response time. For Ethernet, the default MTU is 1500 bytes, but each network can have different values, with serial connections having the smallest values. The MTU is described in RFC 1191. |
| NAT | Network Address Translation. |
| NBMA | nonbroadcast multiaccess. |
| NetBIOS | Network Basic Input Output System—An application programming interface (API) that provides special functions for PCs in local-area networks (LANs). |
| NIC | Network Information Center. |
| NNTP | Network News Transfer Protocol—News reader service. |
| NOS | Network Operating System. |
| NSSA | not so stubby area. |
| NTP | Network Time Protocol—Set system clocks via the network. |
| NVT | Network virtual terminal. |
| OSPF | Open Shortest Path First protocol. |
| PAP | Password Authentication Protocol. Authentication protocol that lets PPP peers authenticate one another. |
| PAT | Port Address Translation. |
| PDM | PIX Device Manager. |
| PFS | perfect forward secrecy. |
| PFSS | PIX Firewall Syslog Server. |
| PIM | Protocol Independent Multicast. |
| PIM-SM | PIM sparse mode. |
| PIX | Private Internet Exchange. |
| PKI | Public Key Infrastructure. |
| POP | Post Office Protocol. |
| PPPoE | Point-to-Point Protocol over Ethernet. |
| PPP | Point-to-Point Protocol. Provides PIX Firewall-to-router and host-to-network connections over synchronous and asynchronous circuits. |
| PPTP | Point-to-Point Tunneling Protocol. RFC 2637 describes the PPTP protocol. |
| RA | registration authority. |
| RADIUS | Remote Authentication Dial-In User Service—User authentication server specified with the aaa-server command. |
| RAS | The registration, admission, and status protocol. Provided with H.323 support. |
| RC4 | RC4 is a stream cipher designed by Rivest for RSA Data Security, Inc. It is a variable key-size stream cipher with byte-oriented operations. The algorithm is based on the use of a random permutation. |
| RFC | Request For Comment—RFCs are the de facto standards of networking protocols. |
| RIP | Routing Information Protocol. |
| RPC | Remote Procedure Call. |
| RSA | Rivest, Shamir, and Adleman. RSA is the trade name for RSA Data Security, Inc. |
| RTP | Real-Time Transport Protocol. |
| RTCP | RTP Control Protocol. |
| RTSP | Real Time Streaming Protocol. |
| SA | security association. |
| SCCP | Simple (Skinny) Client Control Protocol. |
| SDP | Session Description Protocol. |
| SIP | Session Initiation Protocol. |
| SSH | Secure Shell. |
| SMR | Stub Multicast Routing. |
| SMTP | Simple Mail Transfer Protocol—Mail service. The fixup protocol smtp command enables the Mail Guard feature. The PIX Firewall Mail Guard feature is compliant with both the RFC 1651 EHLO and RFC 821 section 4.5.1 commands. |
| SNMP | Simple Network Management Protocol—Set attributes with the snmp-server command. |
| SPC | Shared Profile Component. |
| SPI | Security Parameter Index—A number which, together with a destination IP address and security protocol, uniquely identifies a particular security association. |
| SQL*Net | SQL*Net is a protocol Oracle uses to communicate between client and server processes. (SQL stands for Structured Query Language.) |
| SUA | Secure Unit Authentication. |
| SYN | Synchronize sequence numbers flag in the TCP header. |
| TACACS+ | Terminal Access Controller Access Control System Plus. |
| TAPI | Telephony Application Programming Interface. |
| TSP | TAPI Service Provider. |
| TCP | Transmission Control Protocol. Refer to RFC 793 for more information. |
| TurboACL | Turbo Access Control List—A feature introduced with PIX Firewall version 6.2 that improves the performance of large ACLs. |
| TFTP | Trivial File Transfer Protocol. |
| Triple DES | Triple Data Encryption Standard. Also known as 3DES. |
| uauth | User authentication. |
| UDP | User Datagram Protocol. |
| URL | Universal Resource Locator. |
| UUIE | user-user information element. |
| VLAN | virtual LAN. |
| VoIP | Voice over IP. |
| VPDN | virtual private dial-up network. |
| VPN | Virtual Private Network. |
| VTP | VLAN Trunking Protocol. |
| WWW | World Wide Web. |
| Xauth | extended authentication. |
| XDMCP | X Display Manager Control Protocol. |
| xlate | Translation slot in PIX Firewall. |