 |
 support
f.
a. q.
forum
hotline
Documentation:
Brochures
Data Sheets
White papers
Case Studies
User guides
|
|
|
1. Access Control - Access Control ensures that resources are only granted to those users who are entitled to them.
2. Asymmetric Cryptography - Public-key cryptography; A modern branch of cryptography in which the algorithms employ a pair of keys (a public key and a private key) and use a different component of the pair for different steps of the algorithm.
3. Attack - This is intruder's attempt to damage to work in the network. The success of attack depends on a vulnerability and efficiency of protection system.
4. Authentication - Authentication is the process of confirming the correctness of the claimed identity.
5. Computer Network - A collection of host computers together with the sub-network or inter-network through which they can exchange data.
6. Confidentiality - Confidentiality is the need to ensure that information is disclosed only to those who are authorized to view it.
7. Cryptography - Cryptography garbles a message in such a way that anyone who intercepts the message cannot understand it.
8. Data security is the means of ensuring that data is kept safe from corruption and that access to it is suitably controlled. Thus data security helps to ensure privacy. It also helps in protecting personal data.
9. Decryption - Decryption is the process of transforming an encrypted message into its original plaintext.
10. Demilitarized Zone (DMZ) - In computer security, in general a demilitarized zone (DMZ) or perimeter network is a network area (a subnetwork) that sits between an organization's internal network and an external network, usually the Internet. DMZ's help to enable the layered security model in that they provide subnetwork segmentation based on security requirements or policy. DMZ's provide either a transit mechanism from a secure source to an insecure destination or from an insecure source to a more secure destination. In some cases, a screened subnet which is used for servers accessbile form the outside is refered to as a DMZ.
11. Disk encryption - Disk encryption programs encrypt your entire hard disk (sometimes they use a special partition), so that you don't have to worry about leaving the decrypted messages on your disk.
12. Distribution key set - This is a file with .DST extension. Such a file is created for each VPN user and contains the following information (in packed form): host links information and key information. This information is necessary to provide the first start of ViPNet applications.
13. Encapsulation - A transformation of IP packets of all types into single type, thus completely concealing the structure of information exchange. Depending on the environment where the exchange is realized, the encapsulation is performed into either of two formats:
- If there is no address translation along the route of IP packet, then after encryption the original IP packet is encapsulated into an IP packet with 241 protocol number.
- If there is address translation along the route of IP packet, then after encryption the original IP packet is encapsulated into a UDP format of IP packet with a specified destination port (by default 55777).
14. Encryption - Cryptographic transformation of data (called "plaintext") into a form (called "cipher text") that conceals the data's original meaning to prevent it from being known or used.
15. File Encryption - File encryption (or data encryption) is a secure process for keeping your sensitive and confidential information private. The File Encryption process makes the file unreadable unless or until decrypted.
16. Filter - A filter is used to specify which packets will or will not be used. It can be used in sniffers to determine which packets get displayed, or by firewalls to determine which packets get blocked.
17. Firewall - is a piece of hardware and/or software which functions in a networked environment to prevent some communications forbidden by the security policy.
18. Gateway - A network point that acts as an entrance to another network.
19. IDS - An Intrusion Detection System (or IDS) is used to detect all types of malicious network traffic and computer usage that can't be detected by a conventional firewall. This includes network attacks against vulnerable services, data driven attacks on applications, host based attacks such as privilege escalation, unauthorized logins and access to sensitive files, and malware (viruses, trojan horses, and worms).
20. Integrity - Integrity is the need to ensure that information has not been changed accidentally or deliberately, and that it is accurate and complete.
21. LAN - A local area network (LAN) is a group of computers and associated devices that share a common communications line and typically share the resources of a single processor or server within a small geographic area (for example, within an office building). Usually, the server has applications and data storage that are shared in common by multiple computer users. A local area network may serve as few as two or three users or many as thousands of users.
22. NAT - Network Address Translation. It is used to share one or a small number of publically routable IP addresses among a larger number of hosts. The hosts are assigned private IP addresses, which are then "translated" into one of the publicaly routed IP addresses. Typically home or small business networks use NAT to share a single DLS or Cable modem IP address. However, in some cases NAT is used for servers as an additional layer of protection.
23. Parent control - Certain rules and event-log system to prevent and control children from visiting unwanted network resources. It means that access can be limited to a specified set of pages or access can be granted however, some specific pages would be blocked.
24. Password Cracking - Password cracking is the process of attempting to guess passwords, given the password file information.
25. Password generator - is software program or hardware device that takes input from a random or pseudo-random number generator and automatically generates a password.
26. Password Sniffing - Passive wiretapping, usually on a local area network, to gain knowledge of passwords.
27. Personal Firewalls - Personal firewalls are those firewalls that are installed and run on individual PCs.
28. Port Scan - A port scan is a series of messages sent by someone attempting to break into a computer to learn which computer network services, each associated with a "well-known" port number, the computer provides. Port scanning, a favorite approach of computer cracker, gives the assailant an idea where to probe for weaknesses. Essentially, a port scan consists of sending a message to each port, one at a time. The kind of response received indicates whether the port is used and can therefore be probed for weakness.
29. Protocol - In information technology, a protocol is the special set of rules that end points in a telecommunication connection use when they communicate. Protocols exist at several levels in a telecommunication connection.
- There are hardware telephone protocols.
- There are protocols between each of several functional layers and each corresponding layer at the other end of a communication.
- On the Internet, there are the TCP/IP protocols family and others.
30. Proxy - is an intermediary program that translates requests of different protocols from internal network to the Internet.
31. Remote access - Remote access is the ability to get access to a computer or a network from a remote distance.
32. Router - Router is a device, intended for connections between networks, using different architecture and protocols; it selects a route for network traffic, also it filters broadcasting messages for a local area network
33. Security Managed Service - is a systematic approach to managing an organization's security needs. The services may be conducted in house or outsourced to a service provider that oversees other companies' network and information system security. Functions of a managed security service include round-the-clock monitoring and management of intrusion detection systems and firewalls, overseeing patch management and upgrades, performing security assessments and security audits, and responding to emergencies.
34. Security Policy - Security policy is a document that states in writing how a company plans to protect the company's physical and information technology assets. A security policy is often considered to be a "living document", meaning that the document is never finished, but is continuously updated as technology and employee requirements change.
35. Smartcard - A smartcard is an electronic badge that includes a magnetic strip or chip that can record and replay a set key.
36. Sniffer - A sniffer is a tool that monitors network traffic as it received in a network interface.
37. Software - Computer programs (which are stored in and executed by computer hardware) and associated data (which also is stored in the hardware) that may be dynamically written or modified during execution.
38. Spam - Indiscriminately sending unsolicited, unwanted, irrelevant or inappropriate messages, especially commercial advertising in mass quantities, is considered spam. Another term used to describe spam is "electronic junk mail."
39. Stealth mode - Stealth mode is a term that refers to approaches used by software to conceal its presence on the system.
40. Symmetric Cryptography - A branch of cryptography involving algorithms that use the same key for two different steps of the algorithm (such as encryption and decryption, or signature creation and signature verification). Symmetric cryptography is sometimes called "secret-key cryptography" (versus public-key cryptography) because the entities that share the key.
41. Traffic - This is data stream from one computer to another.
42. Trojan Horse - A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorizations of a system entity that invokes the program.
43. Tunnel - A communication channel created in a computer network by encapsulating a communication protocol's data packets in (on top of) a second protocol that normally would be carried above, or at the same layer as, the first one. Most often, a tunnel is a logical point-to-point link created by encapsulating the layer 2 protocol in a transport protocol (such as TCP), in a network or inter-network layer protocol (such as IP), or in another link layer protocol. Tunneling can move data between computers that use a protocol not supported by the network connecting them.
44. Virus - is a self-replicating computer program that spreads by inserting copies of itself into other executable code or documents.
45. Virtual Private Network (VPN) - A restricted-use, logical (i.e., artificial or simulated) computer network that is constructed from the system resources of a relatively public, physical (i.e., real) network (such as the Internet), often by using encryption (located at hosts or gateways), and often by tunneling links of the virtual network across the real network. For example, if a corporation has LANs at several different sites, each connected to the Internet by a firewall, the corporation could create a VPN by (a) using encrypted tunnels to connect from firewall to firewall across the Internet and (b) not allowing any other traffic through the firewalls. A VPN is generally less expensive to build and operate than a dedicated real network, because the virtual network shares the cost of system resources with other users of the real network.
46. VPN client - A VPN client is most often a software program but can also be hardware as well (usually another VPN router). If authentication procedure is successful then the VPN client and VPN server (or another VPN client) are able to communicate as if they were on the same network. At this point, they are on the same virtual private network.
47. WAN - Global Network (or Wide Area Network, WAN) is a communications network connecting geographically separated computers, printers, and other devices. A WAN allows any connected device to interact with any other on the network.
48. Worm - A computer program that can run independently, can propagate a complete working version of itself onto other hosts on a network, and may consume computer resources destructively.
|
|
|
|
|
