Glossary
GL-26
Cisco Router and Security Device Manager 2.5 User’s Guide
OL-4015-12
PAP Password Authentication Protocol. An authentication protocol that allows peers
to authenticate one another. PAP passes the password and hostname or username
in unencrypted form. See also CHAP.
parameter map Parameter-maps specify inspection behavior for Zone-Policy Firewall, for
parameters such as Denial-of-Service Protection, session and connection timers,
and logging settings. Parameter-maps are also applied with Layer 7 class- and
policy-maps to define application-specific behavior, such as HTTP objects,
POP3 and IMAP authentication requirements, and other application-specific
information.
password A protected and secret character string (or other data source) associated with the
identity of a specific user or entity.
password aging
Password aging
The ability of a system to notify a user that their passwor d has expired, and to
provide them with themeans to create a new password.
PAT
Dynamic PAT
Port Address Translation. Dynamic PAT lets multiple outbound sessions appear
to originate from a single IP address. With PAT enabled, the router chooses a
unique port number from the PAT IP address for each outbound translation slot
(xlate). This feature is valuable when an Internet service provider cannot
allocate enough unique IP addresses for your outbound connections. Th e global
pool addresses always come first, before a PAT address is used.
peer In IKE, peers are routers acting as proxies for the participants in an IKE tunnel.
In IPSec, peers are devices or entities that communicate securely either through
the exchange of keys or the exchange of digital certificates.
peer-to-peer A type of network design where all hosts share roughly equivalent capabilities.
Also called P2P, peer-to-peer networking is used by many file sharing networks.
PEM Privacy Enhanced Mail format. A format for storing digital certificates.
PFS perfect forward secrecy. A property of some asymmetric key agreement
protocols that allows for the use of different keys at different times d uring a
session, to ensure that the compromising of any single key will not compromise
the session as a whole.
physical interface A router interface supported by a network module that is instal led in the router
chassis, or that is part of the router’s basic hardware.