Filter
Top Products
Glossary
GL-9
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
EAP
Extensible Authentication Protocol. A protocol for wireless networks that expands on Authentication
methods used by the PPP (Point-to-Point Protocol), a protocol often used when connecting a computer
to the Internet. EAP can support multiple authentication mechanisms, such as token cards, smart
cards, certificates, one-time passwords, and Public Key Encryption authentication.
EAP-MD5
Extensible Authentication Protocol-Message Digest 5. An EAP security algorithm developed by RSA
Security that uses a 128-bit generated number string, or hash, to verify the authenticity of a data
communication.
EAP-TLS
Extensible Authentication Protocol-Translation Layer Security. A high-security version of EAP that
requires authentication from both the client and the server. If one of them fails to offer the appropriate
authenticator, the connection is terminated. Used to create a secured connection for 802.1X by
preinstalling a digital certificate on the client computer. EAP-TLS is the protocol that serves for
mutual authentication and integrity-protected cipher suite negotiation and key exchange between a
client and server. Both the client and the server use X.509 certificates to verify their identities to each
other.
F
false rejects
When an authentication system fails to recognize a valid user.
FTP
File Transfer Protocol . A TCP/IP protocol specifying the transfer of text or binary files across the
network.
filter
Used to specify which packets will or will not be used. It can be used in sniffers to determine which
packets get displayed, or by firewalls to determine which packets get blocked.
filtering router
An inter-network router that selectively prevents the passage of data packets according to a security
policy. A filtering router may be used as a firewall or part of a firewall. A router usually receives a
packet from a network and decides where to forward it on a second network. A filtering router does
the same, but first decides whether the packet should be forwarded at all, according to some security
policy. The policy is implemented by rules (packet filters) loaded into the router.
firewall
A TCP/IP Fragmentation Attack that is possible because IP allows packets to be broken down into
fragments for more efficient transport across various media. The TCP packet (and its header) are
carried in the IP packet. In this attack the second fragment contains incorrect offset. When packet is
reconstructed, the port number will be overwritten.
fragmentation
The process of storing a data file in several "chunks" or fragments rather than in a single contiguous
sequence of bits in one place on the storage medium.
frames
Data that is transmitted between network points as a unit complete with addressing and necessary
protocol control information. A frame is usually transmitted serial bit by bit and contains a header
field and a trailer field that "frame" the data. (Some control frames contain no data.)
full duplex
A type of duplex communications channel which carries data in both directions at once. Refers to the
transmission of data in two directions simultaneously. Communications in which both sender and
receiver can send at the same time.
fully-qualified
domain name
A server name with a hostname followed by the full domain name.