Appendix A: Glossary

policy repository A data store such as a directory server, a flat file, or a database that contains a network’s security policies. The PDP draws on the policies in the repository to make its authentication decisions.

post-connect testing NAC tests that are run on endpoints after they have already connected successfully to the network. The network administrator configures how often endpoints are retested. If a device has become infected or no longer complies with an organization’s security policies, the NAC 800 quarantines it.

posture See integrity posture.

PPP Point-to-Point Protocol. A layer-2 protocol that connects a device such as a personal computer to a server through a phone line. PPP uses a serial interface and is sometimes considered part of the TCP/IP protocol suite. For more information, see RFC 1661 at http://tools.ietf.org/html/rfc1661.

PPTP Point-to-Point Tunneling Protocol. A method originally devised by Cisco for implementing VPNs. For more information, see RFC 2637 at http://tools.ietf.org/html/rfc2637.

pre-connect testing Testing performed before an endpoint is granted access to the network. See also post-connect testing.

pre-shared key See PSK.

private key One of a pair of keys that is generated from a single, large random number. The private key is kept secret, not distributed, and is used to decrypt a message that was encrypted using the public key. If used to encrypt a message, it “signs” that message as originating from the private key’s owner.

PSK Pre-Shared Key. An alphanumeric character string agreed upon by two parties in advance. In IKE negotiations, peers can exchange a pre-shared key that is between 8 and 255 characters long to authenticate each other before opening the IKE security association.

public key One of a pair of keys that is generated from a single, large random number. The public key is distributed widely and is used to encrypt a message that can be decrypted using only the private key. The public key also verifies data signed by the private key.

public key infrastructure See PKI.

A-17