User's Manual
Glossary
hwc_glossary.fm
Networking terms and abbreviations
A31003-W1050-U100-2-7619
, March 2008
360 HiPath Wireless Controller, Access Points and Convergence Software V5 R1 , C20/C2400 User Guide
IPsec
IPsec-ESP
IPsec-AH
Internet Protocol security (IPSec)
Internet Protocol security Encapsulating Security Payload (IPsec-ESP). The encapsulating
security payload (ESP) encapsulates its data, enabling it to protect data that follows in the
datagram.Internet Protocol security Authentication Header (IPsec-AH). AH protects the parts
of the IP datagram that can be predicted by the sender as it will be received by the
receiver.IPsec is a set of protocols developed by the IETF to support secure exchange of
packets at the IP layer. IPsec has been deployed widely to implement Virtual Private Networks
(VPNs). IPsec supports two encryption modes: Transport and Tunnel. Transport mode
encrypts only the data portion (payload) of each packet, but leaves the header untouched. The
more secure Tunnel mode encrypts both the header and the payload. On the receiving side,
an IPSec-compliant device decrypts each packet. For IPsec to work, the sending and
receiving devices must share a public key. This is accomplished through a protocol known as
Internet Security Association and Key Management Protocol/Oakley (ISAKMP/Oakley), which
allows the receiver to obtain a public key and authenticate the sender using digital certificates.
isochronous Isochronous data is data (such as voice or video) that requires a constant transmission rate,
where data must be delivered within certain time constraints. For example, multimedia
streams require an isochronous transport mechanism to ensure that data is delivered as fast
as it is displayed and to ensure that the audio is synchronized with the video. Compare:
asynchronous processes in which data streams can be broken by random intervals, and
synchronous processes, in which data streams can be delivered only at specific intervals.
ISP Internet Service Provider.
IV IV (Initialization Vector), part of the standard WEP encryption mechanism that concatenates
a shared secret key with a randomly generated 24-bit initialization vector. WPA with TKIP uses
48-bit IVs, an enhancement that significantly increases the difficulty in cracking the encryption.
(See WPA and TKIP)
LAN Local Area Network.
License installation
LSA Link State Advertisements received by the currently running OSPF process. The LSAs
describe the local state of a router or network, including the state of the router's interfaces and
adjacencies. See also OSPF.
MAC Media Access Control layer. One of two sublayers that make up the Data Link Layer of the
OSI model. The MAC layer is responsible for moving data packets to and from one Network
Interface Card (NIC) to another across a shared channel.
MAC address Media Access Control address. A hardware address that uniquely identifies each node of a
network.
MIB Management Information Base is a formal description of a set of network objects that can be
managed using the Simple Network Management Protocol (SNMP). The format of the MIB is
defined as part of the SNMP. A MIB is a collection of definitions defining the properties of a
managed object within a device. Every managed device keeps a database of values for each
of the definitions written in the MIB. Definition of the MIB conforms to RFC1155 (Structure of
Management Information).
MIC Message Integrity Check or Code (MIC), also called "Michael", is part of WPA and TKIP. The
MIC is an additional 8-byte code inserted before the standard 4-byte integrity check value
(ICV) that is appended in by standard WEP to the 802.11 message. This greatly increases the
difficulty in carrying out forgery attacks.
Both integrity check mechanisms are calculated by the receiver and compared against the
values sent by the sender in the frame. If the values match, there is assurance that the
message has not been tampered with. (See WPA, TKIP and ICV).
Term Explanation
Table 29