Glossary

LDAP Lightweight Directory Access Protocol. A protocol defined in RFC 1777 for management and browser applications that require simple read-write access to an X.500 directory without incurring the resource requirements of Directory Access Protocol (DAP). Protocol elements are carried directly over TCP or other transport, bypassing much of the session and presentation overhead. Many protocol data elements are encoded as ordinary strings, and all protocol elements are encoded with lightweight basic encoding rules (BER).

Lightweight Directory Access Protocol See LDAP.

location policy An ordered list of rules that overrides the virtual LAN (VLAN) assignment and security ACL filtering applied to users during normal authentication, authorization, and accounting (AAA)—or assigns a VLAN or security ACL to users without these assignments. Defining location policy rules creates a location policy for local access within a Wireless Security Switch (WSS) switch. Each WSS switch can have only one location policy. See also location policy rule.

location policy rule A rule in the location policy on a WLAN Security Switch (WSS) switch that grants or denies a set of network access rights based on one or more criteria. Location policy rules use a username or VLAN membership to determine whether to override—or supply—authorization attributes during authentication and to redirect traffic. Location policy rules are processed in the order in which they appear in the location policy. See also location policy.

MAC (1) Media access control. See MAC address. (2) Message authentication code. A keyed hash used to verify message integrity. In a keyed hash, the key and the message are inputs to the hash algorithm. See also MIC.

MAC address Media access control address. A 6-byte hexadecimal address that a manufacturer assigns to the Ethernet controller for a port. Higher-layer protocols use the MAC address at the MAC sublayer of the Data Link layer (Layer 2) to access the physical media. The MAC function determines the use of network capacity and the stations that are allowed to use the medium for transmission.

MAC address wildcard A Nortel convention for matching media access control (MAC) addresses or sets of MAC addresses by means of known characters plus a “wildcard” asterisk (*) character that stands for 1 to 5 bytes of the address. See also user wildcard; VLAN wildcard.

MAC protocol data unit See MPDU.

MAC service data unit See MSDU.

managed device In a Nortel WLAN 2300 System wireless LAN (WLAN), a Wireless Security Switch (WSS) switch or Access Point (AP) access point under the control of the WLAN Management Software tool suite.

master secret A code derived from the pre-master secret. A master secret is used to encrypt Transport Layer Security (TLS) authentication exchanges and also to derive a pairwise master key (PMK). See also PMK; pre-master secret.

maximum transmission unit See MTU.

MD5 Message-digest algorithm 5. A one-way hashing algorithm used in many authentication algorithms and also to derive cryptographic keys in many algorithms. MD5 takes a message of an arbitrary length and creates a 128-bit message digest.

media access control address See MAC address.

Nortel WLAN Security Switch 2300 Series Configuration Guide
