GL-5
Cisco Router and Security Device Manager 2.5 User’s Guide
OL-4015-12
Glossary
CBAC Context-based Access Control. Protocol that provides internal users with secure
access control for each application and for all traffic across network perimeters.
CBAC scrutinizes both source and destination addresses and tracks each
application connection status.
CBWFQ Class-Based Weighted Fair Queuing. CBWFQ provides support for user-defined
traffic classes. For CBWFQ, you define traffic classes based on match criteria
including protocols, access control lists (ACLs), and input interfaces.
CDP Cisco Discovery Protocol. A media- and protocol-independent device-discovery
protocol that runs on all Cisco-manufactured equipment including routers,
access servers, bridges, and switches. Using CDP, a device can advertise its
existence to other devices and receive information about other devices on the
same LAN or on the remote side of a WAN.
CDP Certificate Revocation List Distribution Point. A location from with a Certificate
Revocation List can be retrieved. A CDP is usually an HTTP or LDAP URL
CEP Certificate Enrollment Protocol. A certificate management protocol. CEP is an
early implementation of Certificate Request Syntax (CRS), a standard pr oposed
to the Internet Engineering Task Force (IETF). CEP specifies how a device
communicates with a CA, including how to retrieve the public key of the CA,
how to enroll a device with the CA, and how to retrieve a certificate revocation
list (CRL). CEP uses PKCS (Public Key Cryptography Standards) 7 and 10 as
key component technologies. The public key infrastructure working group
(PKIX) of the IETF is working to standardize a protocol for these functions,
either CRS or an equivalent. When an IETF standard is stable, Cisco will add
support for it. CEP was jointly developed by Cisco Systems and VeriSign, Inc.
certificate See digital certificate.
certificate identity An X.509 certificate contains within it information regarding the identity of
whichever device or entity possesses that certificate. The identification
information is then examined during each subsequent inst ance of peer
verification and authentication. However, certificate identities can be vulnerable
to spoofing attacks.