Security Solutions

Appendix A: Glossary
policy repository A data store such as a directory server, a flat file, or a database that contains
a network’s security policies. The PDP draws on the policies in the repository
to make its authentication decisions.
post-connect testing NAC tests that are run on endpoints after they have already connected
successfully to the network. The network administrator configures the retest
frequency. If a device has become infected or no longer complies with
an organization’s security policies, the NAC 800 quarantines it.
posture See integrity posture.
PPP Point-to-Point Protocol. A layer-2 protocol that connects a device such as a
personal computer to a server through a phone line. PPP uses a serial interface
and is sometimes considered part of the TCP/IP protocol suite. For more
information, see RFC 1661 at http://tools.ietf.org/html/rfc1661.
PPTP Point-to-Point Tunneling Protocol. A method originally devised by Cisco for
implementing VPNs. For more information, see RFC 2637 at
http://tools.ietf.org/html/rfc2637.
pre-connect testing Testing performed before an endpoint is granted access to the network. See
also post-connect testing.
pre-shared key See PSK.
private key One of a pair of keys that is generated from a single, large random number.
The private key is kept secret, not distributed, and is used to decrypt a message
that was encrypted using the public key. If used to encrypt a message, it “signs”
that message as originating from the private key’s owner.
PSK Pre-Shared Key. An alphanumeric character string agreed upon by two parties
in advance. In IKE negotiations, peers can exchange a pre-shared key that is
between 8 and 255 characters long to authenticate each other before opening
the IKE security association.
public key One of a pair of keys that is generated from a single, large random number.
The public key is distributed widely and is used to encrypt a message that can
be decrypted using only the private key. The public key also verifies data signed
by the private key.
public key infrastructure See PKI.