Glossary
GL-17
Cisco ASA 5500 Series Configuration Guide using the CLI
RSH Remote Shell. A protocol that allows a user to execute commands on a remote system without having
to log in to the system. For example, RSH can be used to remotely examine the status of a number of
access servers without connecting to each communication server, executing the command, and then
disconnecting from the communication server.
RTCP RTP Control Protocol. Protocol that monitors the QoS of an IPv6 RTP connection and conveys
information about the ongoing session. See also RTP.
RTP Real-Time Transport Protocol. Commonly used with IP networks. RTP is designed to provide
end-to-end network transport functions for applications transmitting real-time data, such as audio,
video, or simulation data, over multicast or unicast network services. RTP provides such services as
payload type identification, sequence numbering, timestamping, and delivery monitoring to real-time
applications.
RTSP Real Time Streaming Protocol. Enables the controlled delivery of real-time data, such as audio and
video. RTSP is designed to work with established protocols, such as RTP and HTTP.
rule Conditional statements added to the ASA configuration to define security policy for a particular
situation. See also ACE, ACL, NAT.
running
configuration
The configuration currently running in RAM on the ASA. The configuration that determines the
operational characteristics of the ASA.
S
SA security association. An instance of security policy and keying material applied to a data flow. SAs
are established in pairs by IPsec peers during both phases of IPsec. SAs specify the encryption
algorithms and other security parameters used to create a secure tunnel. Phase 1 SAs (IKE SAs)
establish a secure tunnel for negotiating Phase 2 SAs. Phase 2 SAs (IPsec SAs) establish the secure
tunnel used for sending user data. Both IKE and IPsec use SAs, although SAs are independent of one
another. IPsec SAs are unidirectional and they are unique in each security protocol. A set of SAs are
needed for a protected data pipe, one per direction per protocol. For example, if you have a pipe that
supports ESP between peers, one ESP SA is required for each direction. SAs are uniquely identified
by destination (IPsec endpoint) address, security protocol (AH or ESP), and Security Parameter Index.
IKE negotiates and establishes SAs on behalf of IPsec. A user can also establish IPsec SAs manually.
An IKE SA is used by IKE only, and unlike the IPsec SA, it is bidirectional.
SCCP Skinny Client Control Protocol. A Cisco-proprietary protocol used between Cisco Call Manager and
Cisco VoI P phones.
SCEP Simple Certificate Enrollment Protocol. A method of requesting and receiving (also known as
enrolling) certificates from CAs.
SDP Session Definition Protocol. An IETF protocol for the definition of Multimedia Services. SDP
messages can be part of SGCP and MGCP messages.
secondary unit The backup ASA when two are operating in failover mode.
secret key A secret key is a key shared only between the sender and receiver. See key, public key.