Network Security Technologies and Protocols: AAA, VPN and Firewall

Kerberos: Network Authentication Protocol

NetworkDicionary — Tue, 30 Jan 2007 13:36:17 +0800

Kerberos is a network authentication protocol. Kerberos is designed to provide strong authentication for client/server applications by using secret-key cryptography.

RADIUS: Remote Authentication Dial In User Service

NetworkDicionary — Tue, 30 Jan 2007 13:36:19 +0800

Radius is a protocol for carrying authentication, authorization, and configuration information between a Network Access Server which desires to authenticate its links and a shared Authentication Server.

SSH: Secure Shell Protocol

NetworkDicionary — Tue, 30 Jan 2007 13:36:21 +0800

SSH is a protocol for secure remote login and other secure network services over an insecure network. SSH consists of three major components

L2F: Level 2 Forwarding protocol

NetworkDicionary — Tue, 30 Jan 2007 13:36:23 +0800

The Layer 2 Forward protocol (L2F) is used to establish a secure tunnel across a public infrastructure (such as the Internet) that connects an ISP POP to a enterprise home gateway. This tunnel creates a virtual point-to-point connection between the user and the enterprise customer"s network.

L2TP: Layer 2 Tunneling Protocol

NetworkDicionary — Tue, 30 Jan 2007 13:36:25 +0800

The L2TP Protocol is used for integrating multi-protocol dial-up services into existing Internet Service Providers Point of Presence.

PPTP: Point to Point Tunneling Protocol

NetworkDicionary — Tue, 30 Jan 2007 13:36:27 +0800

Point-to-Point-Tunneling Protocol (PPTP) is a networking technology that supports multiprotocol virtual private networks (VPN), enabling remote users to access corporate networks securely across the Microsoft Windows NT® Workstation, Windows® 95, and Windows 98 operating systems and other point-to-point protocol (PPP)-enabled systems to dial into a local Internet service provider to connect securely to their corporate network through the Internet.

AH: Authentication Header

NetworkDicionary — Tue, 30 Jan 2007 13:36:30 +0800

IP Authentication Header (AH), a key protocol in the IPsec (Internet Security) architecture, is used to provide connectionless integrity and data origin authentication for IP datagrams, and to provide protection against replays.

DiffServ: Differenciated Service

NetworkDicionary — Tue, 30 Jan 2007 13:36:33 +0800

DiffServ defines an architecture for implementing scalable service differentiation in the Internet. A "Service" defines some significant characteristics of packet transmission in one direction across a set of one or more paths within a network.

ESP: Encapsulating Security Payload

NetworkDicionary — Tue, 30 Jan 2007 13:36:35 +0800

Encapsulating Security Payload (ESP) is a key protocol in the IPsec (Internet Security) architecture, which is designed to provide a mix of security services in IPv4 and IPv6. The IP Encapsulating Security Payload (ESP) seeks to provide confidentiality and integrity by encrypting data to be protected and placing the encrypted data in the data portion of the IP ESP.

GRE: Generic Routing Encapsulation

NetworkDicionary — Tue, 30 Jan 2007 13:36:38 +0800

Generic Routing Encapsulation is a protocol for encapsulation of an arbitrary network layer protocol over another arbitrary network layer protocol.

IKE: Internet Key Exchange Protocol

NetworkDicionary — Tue, 30 Jan 2007 13:36:41 +0800

Internet Key Exchange (IKE) Protocol, a key protocol in the IPsec architecture, is a hybrid protocol using part of Oakley and part of SKEME in conjunction with ISAKMP to obtain authenticated keying material for use with ISAKMP, and for other security associations such as AH and ESP for the IPsec DOI.

IPsec: Security Architecture for IP network

NetworkDicionary — Tue, 30 Jan 2007 13:36:44 +0800

IPsec provides security services at the IP layer by enabling a system to select required security protocols, determine the algorithm(s) to use for the service(s), and put in place any cryptographic keys required to provide the requested services.

ISAKMP: Internet Security Association and Key Management Protocol

NetworkDicionary — Tue, 30 Jan 2007 13:36:46 +0800

ISAKMP, a key protocol in the IPsec (Internet Security) architecture, combines the security concepts of authentication, key management, and security associations to establish the required security for government, commercial, and private communications on the Internet.

TLS: Transport Layer Security Protocol

NetworkDicionary — Tue, 30 Jan 2007 13:36:48 +0800

Transport Layer Security (TLS) Protocol is to provide privacy and data integrity between two communicating applications. The protocol is composed of two layers: the TLS Record Protocol and the TLS Handshake Protocol.

Socks: Protocol for sessions traversal across firewall securely

NetworkDicionary — Tue, 30 Jan 2007 13:36:50 +0800

Socks protocol provides a framework for client-server applications in both the TCP and UDP domains to conveniently and securely use the services of a network firewall.