HP X Unified Security Platform IKE (Internet Key Exchange), IM filters, Infrastructure Protection, Intrusion Prevention System (IPS), IP filter, IP interface, IPSec, L2TP

Glossary

IKE (Internet Key Exchange)

Internet Key Exchange (IKE) is used to negotiate the keying material that is used by the VPN encryption and integrity algorithms. IKE is a two-stage mechanism for automatically establishing IPSec tunnels with dynamically generated keying material. IKE uses UDP port number 500 and precedes the actual IPSec data flow.

IM filters

IM filters detect and control traffic from Instant Messaging applications such as Yahoo Messenger or MSN Messenger, chat, file transfer and photo sharing. These filters can be used to block the operation of the Instant Messaging application. Many of the IM filters can also be used to rate limit traffic from IM applications. These filters are part of the Performance Protection (see page 311) filter category.

Infrastructure Protection

Category of filter types that protect network bandwidth and network infrastructure elements such as routers and firewalls from attack using a combination of traffic normalization, DDoS protection, and application, protocol, and network equipment protection. These filters include DDoS, network equipment protection, and traffic normalization filters.

Intrusion Prevention System (IPS)

The TippingPoint Intrusion Prevention System in the X family device is an active network defense system that provides true intrusion prevention. Unlike intrusion detection systems, the IPS continually cleanses Internet and Intranet traffic, identifying and preventing attacks before damage to critical resources occurs, ensuring network integrity and ultimately improving return on investment.

IP filter

A filter that blocks traffic based on the source, destination, port, protocol, and other parameters of the traffic.

IP interface

An IP interface is the Layer 3 configuration, that is, the IP configuration for its set of security zones (and hence Ethernet ports within the security zone. IP interfaces provide the X family device with the IP interfaces that it needs for the network connections you require.

IPSec

A protocol used to create secure VPNs by encrypting and authenticating all IP packets. It uses the IKE protocol for key exchange and authentication. IPsec provides security at the network layer.

L2TP

Layer 2 Tunneling protocol, a protocol for tunnelling VPN (Virtual Private Network) traffic. L2TP is an extension to the Point-to-Point Tunneling Protocol (PPTP). L2TP supports multiple protocols and unregistered and privately administered IP addresses over the Internet. L2TP provides a more secure connection than the PPTP protocol.

Local Security Manager (LSM)

Abrowser-based management application that provides on-the-box administration, configuration, and reporting for a single X family device.

310X Family LSM User’s Guide V 2.5.1