User guide
User Guide 189
scalable architecture
Software and/or hardware constructed so that, after configuring a single
machine, the same configuration can be propagated to a group of connected
machines.
screening router
A machine that performs packet filtering.
SCSI (Small Computer System Interface)
A processor-independent standard for system-level interfacing between a
computer and intelligent devices including hard disks, floppy disks, CD-ROM,
printers, and scanners.
secondary network
A network on the same physical wire as a Firebox interface that has an address
belonging to an entirely different network.
secret key
Either the private key in public key (asymmetric) algorithms or the session key in
symmetric algorithms.
secret sharing
See
key splitting
.
secure channel
A means of conveying information from one entity to another such that an
intruder does not have the ability to reorder, delete, insert, or read.
Secure Sockets Layer (SSL)
A protocol for transmitting private documents over the Internet. SSL works by
using a private key to encrypt data transferred over an SSL connection.
SecurID server
Each time an end user connects to the specialized-HTTP server running on the
Firebox on port 4100, a Java-enabled applet opens and prompts for the
username, password, and whether or not to use SecurID (PAP) Authentication.
The username and password are DES-encrypted using a secret key shared
between the Java client and the Firebox. The Firebox then decrypts the name
and password to create a RADIUS PAP Access-Request packet, and then sends it
to the configured RADIUS server.
security traffic display
An LED indicator on the front of a Firebox that indicates the directions of traffic
between the Firebox interfaces. The display can either be a triangle display, for
Fireboxes with three interfaces, or a star display, for Fireboxes with six interfaces.
seed router
A router that supplies routing information (such as network numbers and
ranges) to the network.