Security Solutions

A-12

Appendix A: Glossary

integrity posture The state of an endpoint in terms of its compliance with NAC policies. The

integrity posture is used to determine an endpoint’s access control state along

with other factors such as an exception, access grace period, and access mode.

See Appendix C, “Integrity Postures.”

IPsec Internet Protocol security. A suite of protocols that are used to establish a

VPN tunnel between devices that communicate over the Internet, thereby

protecting their data. IPSec For more information, see the IPsec Working

Group home page at http://www.ietf.org/html.charters/OLD/ipsec-char-

ter.html.

JavaScript

A scripting language that is used mostly in client-side Web applications. It is

not related to the Java programming language. The term is a registered

trademark of Sun Microsystems. For more information, see the Mozilla Devel-

opment Center at http://developer.mozilla.org/en/docs/JavaScript.

key In cryptography, a key is a unique value or string of text that is used to encrypt

data when that data is run through an encryption or hash algorithm. To decrypt

or dehash the data, a device must apply the correct key to the encrypted data.

The length of a key generally determines how difficult it will be to decrypt the

data. Keys can be either symmetric or asymmetric.

Ki An authentication key that is stored on a SIM and is used to encrypt the ISMI

along with a random value.

L2TP Layer 2 Tunneling Protocol. A protocol that is used in VPNs. For more

information, see RFC 2661 at http://tools.ietf.org/html/rfc2661.

LDAP Lightweight Directory Access Protocol. A set of protocols that allow a host to

look up and access directory services. For more information, see RFC 2251 at

http://www.ietf.org/rfc/rfc2251.txt.

LEAP Lightweight EAP. A wireless LAN authentication protocol developed by Cisco

systems. It is not recommended for use with the NAC 800.