Fortinet 100A manual 365

MTU, Maximum Transmission Unit: The largest physical packet size, measured in bytes, that a network can transmit. Any packets larger than the MTU are divided into smaller packets before they are sent.

NAT, Network Address Translation: A way of routing IPv4 packets transparently. Using NAT, a router or FortiGate unit between a private and public network translates private IP addresses to public addresses and the other way around.

netmask, network mask: Also sometimes called subnet mask. A 32-bit quantity that indicates which bits of an IP address refer to the network portion.

NTP, Network Time Protocol: Used to synchronize the time of a computer to an NTP server. NTP provides accuracies to within tens of milliseconds across the Internet relative to coordinated universal time.

OSI, Open Systems Interconnection: A standard that defines network communication protocols using a seven-layer model.

packet: A piece of data transmitted over a packet- switched network. A packet contains a payload, the source and destination addresses, and a checksum. In IP networks, packets are often called datagrams. Packets are passed between the OSI data-link and network layers.

PAP, Password Authentication Protocol: An authentication protocol supported by PPP. See also PPP.

ping, packet Internet grouper: A utility for determining whether the device at a specific IP address is accessible. The utility sends a packet to the specified address and waits for a reply.

POP3, Post Office Protocol: A protocol used to transfer email from a mail server to a mail client across the Internet. Most email clients use POP.

port: The part of an interface on which application traffic is carried. By convention, the port number identifies the type of traffic. For example, port 80 is used for HTTP traffic.

PPP, Point-to-Point Protocol: A protocol for transmitting IP packets over serial point-to-point links (that is, across any DTE/DCE interface).

PPPoE, PPP over Ethernet: A protocol that specifies how to encapsulate PPP packets over Ethernet.

PPTP, Point-to-Point Tunneling Protocol: A security protocol that creates a VPN by encapsulating PPP packets.

protocol: A standard format for transmitting data. The protocol determines the type of error checking to be used, the data compression method (if any), how the sending device indicates that it has finished sending a message, and how the receiving device indicates that it has received a message.

RADIUS, Remote Authentication Dial-In User Service: A user authentication and network-usage accounting system. When users dial into an ISP they enter a user name and password. This information is passed to a RADIUS server, which authenticates the user and authorizes access to the network.

remote: The far end point (an IP address or port number) of a connection.

replay detection: A way to determine whether a replay attack is underway in an IPSec tunnel. A replay attack occurs when an unauthorized party intercepts a series of IPSec packets and changes them in an attempt to flood a tunnel or access a VPN.

RFC, Request for Comments: Internet Standards Committee documentation.

RIP, Routing Information Protocol: An Internet protocol for sharing routing information within an autonomous system.

router: A hardware device that connects computers on the Internet together and routes traffic between them. A router may connect a LAN and/or DMZ to the Internet.

routing: The process of determining which path to use for sending packets to a destination.

routing table: A list of possible paths that a packet can take to reach a destination.

SA, Security Association: SAs protect tunneled packets. They contain the information needed to create an IPSec VPN tunnel. An SA is uniquely identified by a security parameter index, an IP destination address, and a security protocol identifier. The Internet Security Association and Key Management Protocol (ISAKMP) is used to manage SAs.

server: An application that answers requests from clients. Used as a generic term for any device that provides services to the rest of the network such as printing, storage, and network access.