Appendix A: Glossary

PAP

Password Authentication Protocol. A protocol used to authenticate a client to a remote server or an Internet service provider. PAP transmits usernames and passwords in unencrypted plaintext, making it insecure. For more information, see RFC 1334 at http://www.ietf.org/rfc/rfc1334.txt.

PCM

ProCurve Manager. ProCurve’s SNMP solution.

PDA

Personal Digital Assistant. A hand-held computing device that can run applications or store data. Some PDAs have radio or infrared transmission capabilities.

PDP

Policy Decision Point. An authentication server, often a RADIUS server or NAC, that accepts authorization requests and, based on the policies that it contains, returns a verdict: access denied or permitted, and under what conditions.

PEAP

Protected EAP. A transport mechanism developed to provide much of the security of EAP-TLS without forcing endpoints to use digital certificates, thereby drastically cutting the work to implement the protocol. PEAP requires only a server-side PKI certificate to create a secure TLS tunnel to protect end-user authentication.

peer-to-peer

See P2P.

PEP

Policy Enforcement Point. A network component, usually a NAS, that enforces the policy that was chosen by the PDP. The PEP performs the task of either dropping the signal from an unauthorized endpoint or permitting the endpoint to connect to the network.

permanent agent

An agent that is installed on an endpoint and not removed. The NAC EI agent is a permanent agent. See also transient agent.

PKI

Public Key Infrastructure. A system of digital certificates, CAs, and other registration authorities that verify and authenticate each party in an Internet transaction. PKI enables devices to privately exchange data using a public infrastructure such as the Internet by managing keys and certificates. From a trusted CA, an end-user obtains a certificate, which includes the user’s identification information, a public key, and the CA’s signature. The end-user also obtains the corresponding private key. The user authenticates with the certificate. In addition, devices can encrypt messages destined to the user with the user’s public key, which the user’s endpoint then decrypts with the private key.

PoE

Power over Ethernet. Technology that permits the transmission of electrical energy over Ethernet cabling to provide power to a component on the end of the cable, typically an AP or RP.

HP Access Control Client Software manual Peer-to-peer, Permanent agent, PoE