Appendix A: Glossary
cache efficiency | A tab found on the Statistics pages of the Management Console that shows the |
| percent of objects served from cache, the percent loaded from the network, and the |
| percent that were |
cache hit | Occurs when the SG appliance receives a request for an object and can serve the |
| request from the cache without a trip to the origin server. |
cache miss | Occurs when the appliance receives a request for an object that is not in the cache. |
| The appliance must then fetch the requested object from the origin server. . |
cache object | Cache contents includes all objects currently stored by the SG appliance. Cache |
| objects are not cleared when the SG appliance is powered off. |
Certificate Authority (CA) | A trusted, |
| create digital signatures and public key/private key pairs. The role of the CA is to |
| guarantee that the individuals or company representatives who are granted a unique |
| certificate are who they claim to be. |
child class (bandwidth gain) | The child of a parent class is dependent upon that parent class for available |
| bandwidth (they share the bandwidth in proportion to their minimum/maximum |
| bandwidth values and priority levels). A child class with siblings (classes with the |
| same parent class) shares bandwidth with those siblings in the same manner. |
client consent certificates | A certificate that indicates acceptance or denial of consent to decrypt an end user's |
| HTTPS request. |
A way of replacing the appliance IP address with the Web server IP address for all | |
| port 80 traffic destined to go to the client. This effectively conceals the SG appliance |
| address from the client and conceals the identity of the client from the Web server. |
concentrator | An SG appliance, usually located in a data center, that provides access to data center |
| resources, such as file servers. |
content filtering | A way of controlling which content is delivered to certain users. SG appliances can |
| filter content based on content categories (such as gambling, games, and so on), type |
| (such as http, ftp, streaming, and mime type), identity (user, group, network), or |
| network conditions. You can filter content using |
| allowing or denying access to URLs. |
D |
|
default boot system | The system that was successfully started last time. If a system fails to boot, the next |
| most recent system that booted successfully becomes the default boot system. |
default proxy listener | See proxy service (d efault). |
denial of service (DoS) | A method that hackers use to prevent or deny legitimate users access to a computer, |
| such as a Web server. DoS attacks typically send many request packets to a targeted |
| Internet server, flooding the server's resources and making the system unusable. Any |
| system connected to the Internet and equipped with |
| vulnerable to a DoS attack. |
| The SG appliance resists DoS attacks launched by many common DoS tools. With a |
| hardened TCP/IP stack, SG appliance resists common network attacks, including |
| traffic flooding. |
93
