Acronyms and Abbreviations


For more information on acronyms used in this guide, refer to the Internetworking Terms and Acronyms guide.

Acronym Description
AAA Authentication, authorization, and accounting.
AH Authentication Header.
ARP Address Resolution Protocol—A low-level TCP/IP protocol that maps a node's hardware address (called a "MAC" address) to its IP address. Defined in RFC 826. An example hardware address is 00:00:a6:00:01:ba. (The first three groups specify the manufacturer, the rest identify the host's motherboard.)
BGP Border Gateway Protocol—While the firewall does not support use of this protocol, you can set the routers on either side of the firewall to use RIP between them and then run BGP on the rest of the network before the routers.
BOOTP Bootstrap Protocol—Lets diskless workstations boot over the network and is described in RFC 951 and RFC 1542.
CA Certification authority.
CHAP Challenge Handshake Authentication Protocol. Security feature supported on lines using PPP encapsulation that prevents unauthorized access.
CPP Combinet Proprietary Protocol.
chargen Character Generation—Via TCP, a service that sends a continual stream of characters until stopped by the client. Via UDP, it sends a datagram. Defined in RFC 864.
conn Connection slot in the firewall—Refer to the xlate command page for more information.
CRL Certificate Revocation List.
DES Data Encryption Standard.
DNS Domain Name System—Operates over UDP unless zone file access over TCP is required.
EGP Exterior Gateway Protocol—While the firewall does not support use of this protocol, you can set the routers on either side of the firewall to use RIP between them and then run EGP on the rest of the network before the routers.
EIGRP Enhanced Interior Gateway Routing Protocol—While the firewall does not support use of this protocol, you can set the routers on either side of the firewall to use RIP between them and then run EIGRP on the rest of the network before the routers.
ESP Encapsulated Security Protocol. Refer to RFC 1827 for more information.
FDDI Fiber Distributed Data Interface—Fiber optic interface.
FTP File Transfer Protocol.
gaddr Global address—An address set with the global and static commands.
GRE Generic Routing Encapsulation protocol—Commonly used with Microsoft's implementation of PPTP.
HSRP Hot-Standby Routing Protocol.
HTTP Hypertext Transfer Protocol—The service that handles access to the World Wide Web.
IANA Internet Assigned Number Authority - Assigns all port and protocol numbers for use on the Internet. You can view port numbers at www.iana.org/assignments/port-numbers and protocol numbers at www.iana.org/assignments/protocol-numbers.
ICMP Internet Control Message Protocol—This protocol is commonly used with the ping command. You can view ICMP traces through the firewall with the debug trace on command. Refer to RFC 792 for more information.
IGMP Internet Group Management Protocol.
IGRP Interior Gateway Routing Protocol.
IKE Internet Key Exchange.
IKMP Internet Key Management Protocol.
IP Internet Protocol.
IPCP IP Control Protocol. Protocol that establishes and configures IP over PPP.
IPinIP IP-in-IP encapsulation protocol.
IPSec IP Security Protocol efforts in the IETF (Internet Engineering Task Force).
IRC Internet Relay Chat protocol—The protocol that lets users access chat rooms.
ISAKMP Internet Security Association and Key Management Protocol.
KDC Key Distribution Center.
L2TP Layer 2 Tunneling Protocol.
laddr Local address—The address of a host on a protected interface.
MD5 Message Digest 5—An encryption standard for encrypting VPN packets. This same encryption is used with the aaa authentication console command to encrypt Telnet sessions to the console.
MIB Management Information Base—Used with SNMP.
MPPE Microsoft Point-To-Point Encryption.
MS-CHAP Microsoft CHAP (Challenge Handshake Authentication Protocol). See "CHAP" for more information.
MSRPC Microsoft Remote Procedure Call.
MTU Maximum transmission unit—The maximum number of bytes in a packet that can flow efficiently across the network with best response time. For Ethernet, the default MTU is 1500 bytes, but each network can have different values, with serial connections having the smallest values. The MTU is described in RFC 1191.
NAT Network Address Translation.
NIC Network Information Center.
NNTP Network News Transfer Protocol—News reader service.
NOS Network Operating System.
NTP Network Time Protocol—Set system clocks via the network.
NVT Network virtual terminal.
OSPF Open Shortest Path First protocol.
PAP Password Authentication Protocol. Authentication protocol that lets PPP peers authenticate one another.
PAT Port Address Translation.
PFSS firewall Syslog Server.
PIX Private Internet Exchange.
PKI Public Key Infrastructure.
POP Post Office Protocol.
PPP Point-to-Point Protocol. Provides firewall-to-router and host-to-network connections over synchronous and asynchronous circuits.
PPTP Point-to-Point Tunneling Protocol. RFC 2637 describes the PPTP protocol.
RADIUS Remote Authentication Dial-In User Service—User authentication server specified with the aaa-server command.
RAS The registration, admission, and status protocol. Provided with H.323 support.
RFC Request For Comment—RFCs are the de facto standards of networking protocols.
RIP Routing Information Protocol.
RPC Remote Procedure Call.
RSA/RC4 RSA is the trade name for RSA Data Security, Inc. The RSA web site at http://www.rsasecurity.com/rsalabs/faq/3-6-3.html describes RC4 as a "stream cipher designed by Rivest for RSA Data Security, Inc. It is a variable key-size stream cipher with byte-oriented operations. The algorithm is based on the use of a random permutation."
SDP Session Description Protocol.
SMTP Simple Mail Transfer Protocol—Mail service. The fixup protocol smtp command enables the Mail Guard feature. The firewall Mail Guard feature is compliant with both the RFC 1651 EHLO and RFC 821 section 4.5.1 commands.
SNMP Simple Network Management Protocol—Set attributes with the snmp-server command.
SPI Security Parameter Index—A number which, together with a destination IP address and security protocol, uniquely identifies a particular security association.
SQL*Net SQL*Net is a protocol Oracle uses to communicate between client and server processes. (SQL stands for Structured Query Language.) The protocol consists of different packet types that the firewall handles to make the data stream appear consistent to the Oracle applications on either side of the firewall. SQL*Net is enabled with the fixup protocol sqlnet command, which is provided in the default configuration.
SYN Synchronize sequence numbers flag in the TCP header.
TACACS+ Terminal Access Controller Access Control System Plus.
TCP Transmission Control Protocol. Refer to RFC 793 for more information.
TFTP Trivial File Transfer Protocol.
Triple DES Triple Data Encryption Standard. Also known as 3DES.
uauth User authentication.
UDP User Datagram Protocol.
VPDN Virtual private dial-up network.
VPN Virtual Private Network.
WWW World Wide Web.
XDMCP X Display Manager Control Protocol.
xlate Translation slot in the firewall.