Specifications

ManualsBrandsEnterasys ManualsComputer equipmentN Standalone (NSA) Series

221

222

223

224

225

226

227

228

229

230

Terms and Definitions

May 18, 2009 Page 31 of 32

Terms and Definitions

Table 6liststermsanddefinitionsusedinthispolicyconfigurationdiscussion.

Table 6 Policy Configuration Terms and Definitions

Term Definition

Administrative Profile A logical container that assigns a traffic classification to a policy role.

Class of Service

(CoS)

A logical container for packet priority, queue, and forwarding treatment that

determines how the firmware treats a packet as it transits the link.

Enhanced Policy Enterasys policy features that apply to a subset of platforms that support policy.

Filter-ID A string that is formatted in the RADIUS access-accept packet sent back from the

authentication server to the switch during the authentication process. In the

Enterasys policy context, the string contains the name of the policy role to be

applied to the authenticating user or device.

Hybrid Authentication An authentication feature that allows the switch to use both the filter-ID and tunnel

attributes in the RADIUS response message to determine how to treat the

authenticating user.

Policy A component of Secure Networks that provides for the configuration of a role based

profile for the securing and provisioning of network resources based upon the

function the user or device plays within the enterprise network.

Policy Maptable A logical entity that can be configured to provide VLAN to policy role mappings.

Policy Profile/Role A logical container for the rules that define a particular policy role.

Policy Rule A logical container providing for the specification of policy behaviors associated with

a policy role.

Role The grouping of individual users or devices into a logical behavioral profile for the

purpose of applying policy.

Rule Precedence A numeric traffic classification value, associated with the policy role, the ordering of

which on a precedence list determines the sequence in which classification rules

are applied to a packet.

Standard Policy Enterasys policy features that apply to all platforms that support policy.

TCI Overwrite A policy feature, when enabled in a policy role, allows for the overwrite of the

current user priority and other classification information in the VLAN tag’s TCI field.

Traffic Classification A network element such as MAC or IP address, packet type, port, or VLAN used as

the basis for identifying the traffic to which the policy will be applied.

Untagged and

Tagged VLAN

Untagged VLAN frames are classified to the VLAN associated with the port it

enters. Tagged VLAN frames are classified to the VLAN specified in the VLAN tag;

the PVID is ignored.

VLAN Authorization An aspect of RFC3580 that provides for the inclusion of the VLAN tunnel attribute in

the RADIUS Access-Accept packet defining the base VLAN-ID to be applied to the

authenticating user or device.

VLAN Egress List A configured list of ports that a frame for this VLAN can exit.