Glossary
Select a letter to search for:
- A
- B
- C
- D
- E
- F
- G
- H
- I
- J
- K
- L
- M
- N
- O
- P
- Q
- R
- S
- T
- U
- V
- W
- X
- Y
- Z
VLAN Stacking
VLAN stacking allows a service provider to distinguish multiple subscriber VLANs, even those with the same (subscriber-assigned) VLAN ID, within its network.
Policy
A policy defines the action(s) to be performed on a traffic flow that has been classified. See also Bandwidth Management, Classifier, Firewall and VPN.
VLAN Stacking
VLAN stacking allows a service provider to distinguish multiple subscriber VLANs, even those with the same (subscriber-assigned) VLAN ID, within its network.
Policy
A policy defines the action(s) to be performed on a traffic flow that has been classified. See also Bandwidth Management, Classifier, Firewall and VPN.
Management Port
A management port is a dedicated port on a device for management purposes only. You cannot access the network through a management port.
In-band Management
In-band management means accessing the management interface of a device through a network port that is not a management port.
Out-of-band Management
Out-of-band management means accessing the management interface of a device through a management port. See also Management Port.
Classifier
In computer networking, a classifier groups traffic based on specific criteria such as the IP address, port or protocol, etc.
BRAS
A BRAS (Broadband Remote Access Server) aggregates and routes subscriber traffic to/from the DSLAMs (Digital Subscriber Line Access Multiplexers) in the ISP's network.
TMSS
TMSS (Trend Micro Security Services) identifies vulnerabilities and protects computers and networks that have Internet connections through a broadband router.
VDSL
Very High Bit Rate DSL is an asymmetric version of DSL that is used as the final drop from a fiber optic junction point to nearby customers. VDSL lets an apartment or office complex obtain high-bandwidth services using existing copper wires without having to replace the infrastructure with optical fiber. Like ADSL, VDSL can share the line with the telephone.
ADPCM
ADPCM-32 is a 32-bit voice compression method that converts analog signals to digital data, thus allowing voice transmission over digital lines.
100 Base-T
The 100-Mbps baseband Ethernet specification uses two pairs of twisted-pair wire with a maximum distance of 100 meters between the hub and the workstation.
10 Base-T
Twisted-pair cable with maximum segment lengths of 100 meters.
10Base-S Mode
This is a VDSL mode. Each mode operates in a specific frequency band allocation with associated upstream and downstream speeds.
AAL
AAL converges packets from upper layers into ATM cells as defined by ITU-T, ETSI and the ATM Forum. AAL has several service types and classes of operation to accommodate different types of classes.
AAL-2
A connection oriented, VBR (Variable Bit Rate) protocol for real-time applications. It is similar to T1 or T3 and provides a variety of data rates. See AAL.
AAL-5
A UBR (Unspecified Bit Rate) protocol that provides spare bandwidth to non-critical services such as file transfers. See AAL.
ADSL
This is an asymmetrical technology which means that the downstream data rate of the line is much higher than the upstream data rate. ADSL operates in a frequency range that is above the frequency range of voice services, so both can operate over the same cable.
A-Law
A-Law and Mu-Law are Pulse Code Modulation (PCM) techniques that dictate forms of compression for audio signals. They are widely-used standard methods of coding voice as they improve signal-to-noise ratio without increasing the amount of data. Mu-Law is a standard in North America; A-Law in Europe.
Analog
An electrical circuit that is represented by means of continuous, variable physical quantities (such as voltages and frequencies), as opposed to discrete representations (like the 0/1, off/on representation of digital circuits).
IRTF
The Internet Research Task Force is composed of small research groups that work on Internet protocols, applications, architecture and technology.
ANSI
ANSI is the primary organization for fostering the development of technology standards (defining coding standards and signaling schemes) in the United States.
ANSI Mode
This is a VDSL mode that operates in a specific frequency band allocation with associated upstream and downstream speeds.
ARP
Address Resolution Protocol is a protocol for mapping an Internet Protocol address (IP address) to a physical computer address that is recognized in the local network.
AT&T 5ESS
A digital central office switching system made by AT&T.
ATM
ATM is a LAN and WAN networking technology that provides high-speed data transfer. ATM uses fixed-size packets of information called cells. With ATM, a high QoS (Quality of Service) can be guaranteed.
Authenticity
Proof that the information came from the person or location that reportedly sent it. One example of authenticating software is through digital signatures.
Backdoor
In computer terminology, a backdoor (also called a trapdoor) is hidden software or a hardware mechanism that can be triggered to gain access to a program, online service or an entire system.
Backbone
A high-speed line or series of connections that forms a major pathway within a network.
BackOrifice
BackOrifice is a remote administration tool that allows a user to control a computer across a TCP/IP connection using a simple console or GUI application.
Bandwidth
This is the capacity of a link usually measured in bits-per-second (bps).
Bit
A Binary Digit (either a one or a zero); a single digit number in base-2. A bit is the smallest unit of computerized data.
Boot Module Commands
Boot Module Commands, available in the debug mode via SMT (some devices may not have SMTs), help you initialize the configuration of the basic functions and features of your device(s) such as uploading firmware, changing the console port speed and viewing product-related information.
Bridging
Bridging provides LAN to LAN frame forwarding services between two or more LANs. Frames from one LAN are forwarded across a bridge to a connected LAN, although filtering can be employed to selectively forward frames.
Brute Force Hacking
A technique used to find passwords or encryption keys. Brute Force Hacking involves trying every possible combination of letters, numbers, etc., until the code is broken.
Byte
A set of bits that represents a single character. There are eight bits in a byte.
Call filtering
Call filtering is used to determine if a packet should be allowed to trigger a call. Outgoing packets must undergo data filtering before they encounter call filtering.
Camping Out
Staying in a "safe" place once a hacker has broken into a system. The term can be used with a physical location, electronic reference or an entry point for future attacks.
CDR
This is a name used by telephone companies for call-related information.
CHAP
Challenge Handshake Authentication Protocol is an alternative protocol that avoids sending passwords over the wire by using a challenge/response technique.
Cipher Text
Text that has been scrambled or encrypted so that it cannot be read without deciphering it. See Encryption.
Client program
A software program that is used to contact and obtain data from a server software program on another computer. Each client program is designed to work with one or more specific kinds of server programs and each server requires a specific kind of client. A web browser, for example, is a specific kind of client.
CO
A CO is a facility that serves local telephone subscribers. In the CO, subscribers' lines are joined to switching equipment that allows them to connect to each other for both local and long distance calls.
COE
COE is where home and office phone lines terminate and connect to a much larger switching system.
DSP
A Digital Signal Processor (DSP) carries out the mathematical operations used in converting a signal into digital output.
Community
This is the SNMP equivalent of a password.
Cookie
A string of characters saved by a web browser on the user's hard disk.
Countermeasures
Techniques, programs or other tools that can protect your computer against threats.
CPE
CPE is privately-owned telecommunication equipment at an individual or organization’s site that is attached to the telecommunication network.
Cracker
Another term for hackers. Generally, the term cracker refers specifically to a person who maliciously attempts to break encryption, software locks or network security.
Cracker Tools
Programs used to break into computers. Cracker tools are widely distributed on the Internet. They include password crackers, Trojans, viruses, war-dialers and worms.
Crossover Ethernet Cable
A cable that wires a pin to its opposite pin, for example, RX+ is wired to TX+. This cable connects two similar devices, for example, two data terminal equipment (DTE) or data communications equipment (DCE) devices.
Crosstalk
Crosstalk on telephone wires is noise emanating from the signals transmitted on adjacent wire pairs caused by electric or magnetic fields of one telecommunication signal affecting the signal in an adjacent circuit.
Crosstalk in wireless network applications occurs when the radio signals from access points overlap and interfere with one another thus reducing performance.
Cryptoanalysis
The act of analyzing (or breaking into) secure documents or systems that are protected with encryption.
CSU/DSU
CSUs and DSUs are actually two separate devices, but they are used in conjunction and often combined into the same box. CSU/DSU are hardware devices that convert digital signals used on a LAN into a digital signal used on a WAN and vice-versa (over a T-1 line, for example).
DCE
DCE (Data Communication Equipment) is a device, such as a modem, that converts data between different interfaces (digital and analog for example) and exchanges data with the DTE.
Decryption
The act of restoring an encrypted file to its original state.
Denial of Service
Act of preventing customers, users, clients or other computers from accessing data on a computer. This is usually accomplished by interrupting or overwhelming the computer with bad or excessive information requests.
Device Filters
Device Filters decide whether or not to allow passage of a data packet and/or to make a call. Device filters act on raw data from/to LAN and WAN and serve as a limited firewall to your device.
DHCP
Dynamic Host Configuration Protocol automatically assigns IP addresses to clients when they log on. DHCP centralizes IP address management on central computers that run the DHCP server program. DHCP leases addresses, for a period of time, which means that past addresses are “recycled” and made available for future reassignment to other systems.
Digital
The use of a binary code to represent information, such as 0/1, or on/off.
DLCI
A DLCI specifies the channel and destination that frame relay traffic will use.
DNS
Domain Name System links names to IP addresses. When you access Web sites on the Internet you can type the IP address of the site or the DNS name.
Domain Name
The unique name that identifies an Internet site. Domain Names always have two or more parts that are separated by dots. The part on the left is the most specific and the part on the right is the most general.
DRAM
Dynamic RAM stores information in capacitors that must be refreshed periodically.
DSL
Digital Subscriber Line technologies enhance the data capacity of the existing twisted pair wire that runs between the local telephone company switching offices and most homes and offices. There are actually several types of DSL service, ranging in speeds from 16 Kbits/sec to 52 Mbits/sec. The services are either symmetrical (traffic flows at the same speed in both directions) or asymmetrical (the downstream capacity is higher than the upstream capacity). DSL connections are point-to-point dedicated circuits, meaning that they are always connected. There is no dial-up. There is also no switching, which means that the line is a direct connection into the carrier’s frame relay, ATM (Asynchronous Transfer Mode) or Internet-connect system.
DSLAM
A Digital Subscriber Line Access Multiplexor (DSLAM) is a network device, usually at a telephone company central office, that receives signals from multiple customer Digital Subscriber Line connections and puts the signals on a high-speed backbone line using multiplexing techniques. Depending on the product, DSLAM multiplexers connect DSL lines with some combination of asynchronous transfer mode ATM, frame relay or IP networks.
DTE
The DTE (Data Terminal Equipment) is a computer or terminal that is connected to a DCE.
WPA2
WPA2 (IEEE 802.11i) is a wireless security standard that defines stronger encryption, authentication and key management than WPA. It includes two data encryption algorithms, Temporal Key Integrity Protocol (TKIP) and Advanced Encryption Standard (AES) in the Counter mode with Cipher block chaining Message authentication Code Protocol (CCMP). See also WPA.
Echo Cancellation
Echo Cancellation minimizes the delays associated with digital networks. Delays are encountered as signals are processed through various routes within the networks, including copper wire, fiber optic lines, microwave connections, international gateways and satellite transmissions.
Egress port
Egress is the act of going out of something. An egress port is an outgoing port, that is, a port through which a data packet leaves. An egress router is a router through which a data packet leaves a network from another network.
eWC
This is an HTML-based configurator that allows easy setup and management.
EMI
Interference by electromagnetic signals that can cause reduced data integrity and increased error rates on transmission channels.
Encapsulation
Encapsulation is the inclusion of one data structure within another structure so that the first data structure is hidden for the time being.
Encryption
The act of substituting numbers and characters in a file so that the file is unreadable until it is decrypted. Encryption is usually done using a mathematical formula that determines how the file is decrypted.
Ethernet
A very common method of networking computers in a LAN. There are a number of adaptations to the IEEE 802.3 Ethernet standard, including adaptations with data rates of 10 Mbits/sec and 100 Mbits/sec over coaxial cable, twisted-pair cable and fiber-optic cable. See also Gigabit Ethernet.
BRAS
A BRAS (Broadband Remote Access Server) aggregates and routes subscriber traffic to/from the DSLAMs (Digital Subscriber Line Access Multiplexers) in the ISP’s network.
ETSI
ETSI is a non-profit organization that establishes telecommunications standards (defining coding standards and signaling schemes) for Europe. ETSI guidelines are voluntary and almost always comply with standards produced by international bodies.
ETSI Mode
This is a VDSL mode that operates in a specific frequency band allocation with associated upstream and downstream speeds.
Events
These are network activities. Some activities are direct attacks on your system, while others might be depending on the circumstances. Therefore, any activity, regardless of severity is called an event. An event may or may not be a direct attack on your system.
FAQ
FAQs list and answer the most common questions on a particular subject.
FCC
The FCC (Federal Communications Commission) is in charge of allocating the electromagnetic spectrum and thus the bandwidth of various communication systems.
Firewall
A hardware or software "wall" that restricts access in and out of a network. Firewalls are most often used to separate an internal LAN or WAN from the Internet.
Flash memory
A nonvolatile storage device that can be electrically erased and reprogrammed so that data can be stored, booted and rewritten as necessary.
Frame Relay
Frame relay is a form of packet-switching technology that routes frames of information from source to destination over a switching network owned by a carrier. Frame sizes are not fixed.
Frame Type
Each frame type is a separate logical network, even though they exist on one physical network. Frame Types are 802.2, 802.3, Ethernet II (DIX) and SNAP (Sub-Network Access Protocol).
FTP
File Transfer Protocol is an Internet file transfer service that operates on the Internet and over TCP/IP networks. A system running the FTP server accepts commands from a system running an FTP client. The service allows users to send commands to the server for uploading and downloading files.
G.SHDSL
A Single-pair High-speed Digital Subscriber Line is a symmetrical, bi-directional DSL service that operates on one twisted-pair wire. The “G.” in “G.SHDSL” refers to ITU (International Telecommunication Union) “G” standards. G.SHDSL provides data rates from 192kbps up to 2.3 Mbps at distances of 6,000 feet to 20,000 feet on 26 AWG copper. See also DSL.
Gateway
A gateway is a computer system or other device that acts as a translator between two systems that do not use the same communication protocols, data formatting structures, languages and/or architecture.
Ground Start
This is a type of analog voice grade access line signaling that requires the customer interface to provide a ground on the ring conductor at the network interface to initiate service requests.
GSTN
A GSTN denotes an analog network (PSTN) or digital network (ISDN).
Hacker
Generally, a hacker is anyone who experiments with technology - including computers and networks.
HDLC
A bit-oriented (the data is monitored bit by bit), link layer protocol for the transmission of data over synchronous networks.
Host
Any computer on a network that is a repository for services available to other computers on the network. It is quite common to have one host machine provide several services, such as WWW and USENET.
HTTP
The most common protocol used on the Internet. HTTP is the primary protocol used for web sites and web browsers. It is also prone to certain kinds of attacks.
IANA
Acts as the clearing-house to assign and coordinate the use of numerous Internet protocol parameters such as Internet addresses, domain names, protocol numbers and more.
ICMP
A message control and error-reporting protocol between a host server and a gateway to the Internet ICMP uses Internet Protocol (IP) datagrams, but the messages are processed by the TCP/IP software and are not directly apparent to the application user.
Ingress
Ingress is the act of entering something. An ingress port is an incoming port, that is, the port that a data packet enters from another port. An ingress router is a router through which a data packet enters a network from another network.
Inside Wiring
Wiring that is done from the point of demarcation to the jack in the wall where the line terminates.
Integrity
Proof that the data is the same as originally intended. Unauthorized software or people have not altered the original information.
Internet
(Upper case “I”). The vast collection of inter-connected networks that use TCP/IP protocols evolved from the ARPANET (Advanced Research Projects Agency Network) of the late 1960’s and early 1970’s.
internet
(Lower case “i”). Any time you connect two or more networks together, you have an internet.
Internet Worm
See Worm.
Intranet
A private network inside a company or organization that uses the same kinds of software that you would find on the public Internet, but that is only for internal use.
Intruder
Person or software interested in breaking computer security to access, modify, or damage data. Also see Cracker.
IP
(Currently IP version 4 or IPv4) The underlying protocol for routing packets on the Internet and other TCP/IP-based networks.
IP Policy Routing
Traditionally, routing is based on the destination address only and the router takes the shortest path to forward a packet. IP Policy Routing (IPPR) provides a mechanism to override the default routing behavior and forward the packet based on the policy defined by the network administrator.
IP Pool
Refers to the collective group of IP addresses located in any particular place (for example, LAN, WAN, Ethernet, etc.).
IP Source Route
Source routing makes use of an optional header to dictate the route an IP packet takes from source to destination. Network technicians may use it to time certain paths or for diagnostics. Most packets do not have a source route header.
IPCP (PPP)
Allows changes to IP parameters such as the IP address.
IPX
The native NetWare internetworking protocol is IPX (Internetwork Packet Exchange). Like IP (Internet Protocol), IPX is an internetworking protocol that provides datagram services.
IRC
It is a way for multiple users on a system to “chat” over the network.
ISP
Provide connections into the Internet for home users and businesses. There are local, regional, national, and global ISPs. You can think of local ISPs as the gatekeepers into the Internet.
ITU-T
The ITU-T is the primary international body for fostering cooperative standards for telecommunications equipment and systems. It was formerly known as the CCITT (Consultative Committee for International Telephony and Telegraphy).
LAN
A shared communication system to which many computers are attached. A LAN, as its name implies, is limited to a local area. LANs have different topologies, the most common being the linear bus and the star configuration.
Jack Type
Different types of jacks (RJ-11, RJ45 or RJ-48) can be used for an ISDN line. The RJ-11 is the most common in the world and is most often used for analog phones, modems and fax machines. RJ-48 and RJ-45 are essentially the same, as they both have the same 8-pin configuration. An RJ-11 jack can fit into an RJ-45/RJ-48 connector, however, an RJ-45/RJ-48 cannot fit into an RJ-11 connector.
LATA
A geographic territory used primarily by local telephone companies to determine charges for intrastate calls.
LEC
The local phone companies – either a Regional Bell Operating Company (RBOC) or an independent phone company (GTE for example) – that provide local transmission services.
LED
LEDs are visual indicators that relay information about the status of specific functions to the user by lighting up, turning off or blinking. LEDs are usually found on the front panel of the physical device. Examples include Status, Power and System LEDS.
LLC-Multiplexing
One VC (Virtual Circuit) carries multiple protocols with protocol identifying information being contained in each packet header. Despite the extra bandwidth and processing overhead, this method my be advantageous if it is not practical to have a separate VC for each carried protocol, eg., if charging heavily depends on the number of simultaneous VCs.
Logic Bomb
A virus that only activates itself when certain conditions are met. Logic bombs usually damage files or cause other serious problems when they are activated.
Loop Start
A supervisory signal given by a telephone or PBX in response to completing the loop path.
Loop-reach
Loop reach defines speed that can be attained at various distances. This is very important for DSL technology as distance from the CO (Central Office) influences attainable speeds.
MAC
On a local area network (LAN) or other network, the MAC address is a computer's unique hardware number. (On an Ethernet LAN, it's the same as your Ethernet address). The MAC layer frames data for transmission over the network, then passes the frame to the physical layer interface where it is transmitted as a stream of bits.
MTU
Buildings such as hotels, motels, resorts, residential multi-dwelling units, office buildings, university campuses, etc.
mu-Law
Mu-Law and A-Law are Pulse Code Modulation (PCM) techniques that dictate forms of compression for audio signals. They are widely-used standard methods of coding voice as they improve the signal-to-noise ratio without increasing the amount of data. Mu-Law is a standard in North America; A-Law in Europe.
Multiplexing
A method that combines information from multiple connections into one connection for transfer over an ATM circuit.
Multiplexor
Multiplexors or MUXs, as they are often called, are devices that combine signals from various sources such as PBX (Private Branch Exchange), asynchronous terminals or a bridge connected to a WAN. A multiplexor transmits these signals as a single data stream over a digital line. Multiplexors conserve bandwidth.
Name Resolution
The allocation of an IP address to a host name. See also DNS.
NAT
The translation of an Internet Protocol address used within one network to a different IP address known within another network - see also SUA.
NDIS
A Windows specification for how communication protocol programs (such as TCP/IP) and network device drivers should communicate with each other.
NetBIOS
NetBIOS is an extension of the DOS BIOS that enables a computer to connect to and communicate with a LAN.
Network
Any time you connect two or more computers together, allowing them to share resources, you have a computer network. Connect two or more networks together and you have an internet.
NIC
A board that provides network communication capabilities to and from a computer system. Also called an adapter.
PAC
The PAC is the box that calls/answers the phone call and relays the PPP frames to the PNS (PPTP Network Server). A PAC must have IP and dial-up capability.
Packet Filter
A filter that scans packets and decides whether to let them through or not.
PAP
A security protocol that requires users to enter a password before accessing a secure system. The user’s name and password are sent over the wire to a server where they are compared with a database of user account names and passwords.
Password Cracker
A program that uses a dictionary of words, phrases, names, etc. to guess a password.
Password encryption
A system of encrypting electronic files using a single key or password. Anyone who knows the password can decrypt the file.
Password Shadowing
The encrypted password is not visible in the password file but stored in a shadow file that is only readable by root. This prevents brute force attacks on the encrypted field to guess the password.
PBX
A subscriber-owned telecommunications exchange that usually includes access to the public switched network. It may also be a private telephone switchboard that provides on-premises dial service and may provide connections to local and trunked communications networks.
Penetration
Gaining access to computers or networks by bypassing security programs and passwords.
Phreaking
Breaking into phone or other communication systems.
Ping Attack
An attack that slows down the network until it is unusable. The attacker sends a "ping" command to the network repeatedly to slow it down. See also Denial of Service.
Pirate
Someone who steals or distributes software without paying the legitimate owner for it.
Pirated Software
Software that has been illegally copied, or that is being used in violation of the software's licensing agreement. Pirated software is often distributed through pirate bulletin boards or on the Internet. In the Internet underground, it is known as Warez.
Plain Text
Plain Text is clear text, readable by anyone – it is the opposite of cipher text.
PNS
A PNS is the box that hosts both the PPP and the PPTP stacks and forms one end of the PPTP tunnel. The PNS must have IP connectivity.
Point of Demarcation
The physical point where the phone company ends its responsibility for the wiring of the phone line.
POP
This is a common protocol used for sending, receiving, and delivering mail messages.
Port
An Internet port refers to a number that is part of a URL, appearing after a colon (:), directly following the domain name. Every service on an Internet server listens on a particular port number on that server. Most services have standard port numbers, for example, Web servers normally listen on port 80.
Port (H/W)
An interface on a computer for connecting peripherals or devices to the computer. A printer port, for example, is an interface that is designed to have a printer connected to it. Ports can be defined by specific hardware (such as a keyboard port) or through software.
POTS
The analog telephone service that runs over copper twisted-pair wires and is based on the original Bell telephone system. Twisted-pair wires connect homes and businesses to a neighborhood central office. This is called the local loop. The central office is connected to other central offices and long-distance facilities.
PPP
PPP encapsulates and transmits IP (Internet Protocol) datagrams over serial point-to-point links. The protocol is defined in IETF (Internet Engineering Task Force) RFC 1661 through 1663. PPP provides router-to-router, host-to-router, and host-to-host connections.
PPPoE
PPPoE relies on two widely accepted standards: PPP and Ethernet. PPPoE is a specification for connecting the users on an Ethernet to the Internet through a common broadband medium, such as a single DSL line, wireless device or cable modem.
Hardware Monitor
A device uses the hardware monitor to observe temperature, voltage and fan speed readings.
Promiscuous Packet Capture
Actively capturing packet information from a network. Most computers only collect packets specifically addressed to them. Promiscuous packet capture acquires all network traffic it can regardless of where the packets are addressed.
Protocol
A “language” for communicating on a network. Protocols are sets of standards or rules used to define, format and transmit data across a network. There are many different protocols used on networks. For example, most web pages are transmitted using the HTTP protocol.
Protocol Filters
Use Protocol Filters to decide whether or not to allow passage of a data packet and/or to make a call. Protocol filters act on IP/IPX packets and can serve as a limited firewall.
Proxy Server
A server that performs network operations in lieu of other systems on the network. Proxy Servers are most often used as part of a firewall to mask the identity of users inside a corporate network yet still provide access to the Internet.
PSTN
Public Switched Telephone Network was put into place many years ago as a voice telephone call-switching system. The system transmits voice calls as analog signals across copper twisted cables from homes and businesses to neighborhood COs (central offices); this is often called the local loop. The PSTN is a circuit-switched system, meaning that an end-to-end private circuit is established between caller and the person called.
Public Key Encryption
System of encrypting electronic files using a key pair. The key pair contains a public key used during encryption, and a corresponding private key used during decryption.
PVC
A PVC is a logical point-to-point circuit between customer sites. PVCs are low-delay circuits because routing decisions do not need to be made along the way. Permanent means that the circuit is preprogrammed by the carrier as a path through the network. It does not need to be set up or torn down for each session.
ras
This is the name of the firmware on the ZyXEL device. Renaming may be necessary when uploading new firmware to the device.
RBOC
There are currently seven regional telephone companies that were created by the AT&T divestiture.
Reconnaissance
The finding and observation of potential targets for a cracker to attack.
REN
A Ringer Equivalence Number is used to determine the number of devices that may be connected to the telephone line.
RFC
An RFC is an Internet formal document or standard that is the result of committee drafting and subsequent review by interested parties.
Ring Type
Ring Type determines the sound and frequency of your telephone’s ring.
RIP
An interior or intra-domain routing protocol that uses distance-vector routing algorithms. RIP is used on the Internet and is common in the NetWare environment as a method for exchanging routing information between routers.
Rom-0
This is the name of the configuration file on your ZyXEL device. Renaming may be necessary when uploading a new configuration file to your ZyXEL device.
Router
A device that connects two networks together. Routers monitor, direct and filter information that passes between these networks.
SAP
In NetWare, the SAP broadcasts information about available services on the network that other network devices can listen to. A server sends out SAP messages every 60 seconds. A server also sends out SAP messages to inform other devices that it is closing down. Workstations use SAP to find services they need on the network.
SATAN
A UNIX program that gathers information on networks and stores it in databases. It is helpful in finding security flaws such as incorrect settings, software bugs and poor policy decisions. It shows network services that are running, the different types of hardware and software on the network, and other information.
SDSL
A Symmetrical Digital Subscriber Line is a symmetrical, bi-directional DSL service that operates on one twisted-pair wire. It can provide data rates up to the T1 rate of 1.544 Mbits/sec, and it operates above the voice frequency, so voice and data can be carried on the same wire.
Server
A computer, or a software package, that provides a specific kind of service to client software running on other computers.
Shoulder Surfing
Looking over someone's shoulder to see the numbers they dial on a phone, or the information they enter into a computer.
SMT
The SMT is a menu-based interface that you use to configure your device.
SNMP
SNMP is a popular management protocol defined by the Internet community for TCP/IP networks. It is a communication protocol for collecting information from devices on the network.
Trap
A trap is a report sent to an SNMP manager when an event occurs.
Snooping
Passively watching a network for information that could be used to a hacker's advantage, such as passwords. Usually done while Camping Out.
Socks
A protocol that handles TCP traffic through proxy servers.
Splitter
In telephony, a splitter, sometimes called a “plain old telephone service splitter" is a device that divides a telephone signal into two or more signals, each carrying a selected frequency range, and can also reassemble signals from multiple signal sources into a single signal
Spoofing
To forge something, such as an IP address. IP spoofing is a common way for hackers to hide their location and identity
SSL
Technology that allows you to send information that only the server can read. SSL allows servers and browsers to encrypt data as they communicate with each other. This makes it very difficult for third parties to understand the communications.
Static Routing
Static routes tell routing information that a networking device cannot learn automatically through other means. The need for static routing can arise in cases where RIP is disabled on the LAN or a remote network is beyond the one that is directly connected to a remote node.
STP
STP cable consists of copper-core wires surrounded by an insulator. Two wires are twisted together to form a pair; the pair form a balanced circuit. The twisting prevents interference problems, STP provides protection against external crosstalk.
Straight-through Ethernet cable
A cable that wires a pin to its equivalent pin. This cable connects two dissimilar devices, for example, a data terminal equipment (DTE) device and a data communications equipment (DCE) device. A straight-through Ethernet cable is the most commonly used Ethernet cable.
SUA
Your system’s SUA feature allows multiple user Internet access for the cost of a single ISP account. See also NAT.
Subnet Mask
The subnet mask specifies the network number portion of an IP address. Your device will compute the subnet mask automatically based on the IP Address that you entered. You do not need to change the computer subnet mask unless you are instructed to do so.
ALG
An Application Layer Gateway (ALG) is a device that manages a specific protocol (such as SIP, H.323 or FTP) at the application layer.
TCP
TCP is a connection-oriented transport service that ensures the reliability of message delivery. It verifies that messages and data were received.
Telnet
Telnet is the login and terminal emulation protocol common on the Internet and in UNIX environments. It operates over TCP/IP networks. Its primary function is to allow users to log into remote host systems.
TEMPEST
Electromagnetic signals radiate from electronic equipment and cables. Extra shielding is used on cables and equipment to meet TEMPEST requirements, in order to stop these signals from going out to unauthorized listeners.
Terminal
A device that allows you to send commands to a computer somewhere else. At a minimum, this usually means a keyboard, display screen and some simple circuitry.
Terminal Software
Software that pretends to be (emulates) a physical terminal and allows you to type commands to a computer somewhere else.
TFTP
TFTP is an Internet file transfer protocol similar to FTP (File Transfer Protocol), but it is scaled back in functionality so that it requires fewer resources to run. TFTP uses the UDP (User Datagram Protocol) rather than TCP (Transmission Control Protocol).
Alarm Profile
An alarm profile is a set of thresholds that trigger an alarm when one is reached.
Twisted Pair
Two insulated wires, usually copper, twisted together and often bound into a common sheath to form multi-pair cables. In ISDN, the cables are the basic path between a subscriber's terminal or telephone and the PBX or the central office.
UDP
UDP is a connectionless transport service that dispenses with the reliability services provided by TCP. UDP gives applications a direct interface with the Internet Protocol (IP) and the ability to address a particular application process running on a host via a port number without setting up a connection session.
UNIX
A widely-used operating system in large networks. Usually used on workstations and servers.
URL
URL is an object on the Internet or an intranet that resides on a host system. Objects include directories and an assortment of file types, including text files, graphics, video and audio. A URL is the address of an object that is normally typed in the Address field of a Web browser. A URL is basically a pointer to the location of an object.
V Series Recommendations
V.xx or V Series Recommendations are the most commonly used international modem/telephone network standards. The V.xx series recommendations are from the ITU-TS (Telecommunication Standardization Sector of the International Telecommunications Union) and will probably replace the old American Telephone and Telegraph Company/Bell System MNP (Microcom Networking Protocol) standards. Some modems offer both MNP and ITU-T standards; however, MNP generally offers much lower transfer rates than the V.xx series. See also, V.35 Data Port Interface.
V.35 Data Port Interface
V.35 is a standard transfer rate implemented under recommendations by the ITU-TS (Telecommunication Standardization Sector of the International Telecommunications Union). V.35 provides the trunk interface between a network access device and a packet network with data rates greater than 19.2 Kbps. V.35 may use the bandwidths of several telephone circuits as a group. See also, V Series Recommendations.
VC-based Multiplexing
By prior mutual agreement, each protocol is assigned to a specific virtual circuit, eg., VCI carries IP, VC2 carries IPX, etc. VC-based multiplexing may be dominant in environments where dynamic creation of large numbers of ATM VCs is fast and economical.
VCI
A VCI is a number that denotes a particular logical connection between end stations (users or networks). A VCI specifies the channel and destination that ATM traffic will use. See also, VPI.
Voice Gateway
A voice gateway is an interface to the telephone network for VoDSL services found between an AAL-2 circuit and a GSTN.
VPI
A VPI is a number that denotes a bundle of virtual channels. A VPI specifies the path and destination that ATM traffic will use. See also, VCI.
VPN
These networks use public connections (such as the Internet) to transfer information. That information is usually encrypted for security purposes.
Vulnerability
Point where a system can be attacked.
WAN
WANs link geographically dispersed offices in other cities or around the globe including switched and permanent telephone circuits, terrestrial radio systems and satellite systems.
War Dialer
A program that automatically dials phone numbers looking for computers on the other end. They catalog numbers so that hackers can call back and try to break in.
Warez
A term that describes pirated software on the Internet.
Wire Tapping
Connecting to a network and monitoring all traffic. Most wire tapping features can only monitor the traffic on their subnet.
Speed Dial
A speed dial entry is a telephone keypad shortcut for dialing frequently used telephone numbers.
WWW
The Internet in general.
xDSL
Digital Subscriber Line(s)where x, when specified, denotes a particular type of DSL, for example, ADSL, G.SHDSL, SDSL, VDSL, RDSL, etc.
ZyNOS
ZyNOS is the firmware used in many ZyXEL products.
CBR
Constant Bit Rate is an ATM service category that provides a fixed amount of bandwidth for streaming data (like voice or video). The bandwidth is always reserved, even when streaming data is not being sent.
UBR
Unspecified Bit Rate is an ATM service category that does not appropriate fixed bandwidth or guarantee throughput and is best used for non-time-critical applications, such as e-mail.
VBR-rt
Variable Bit Rate Real Time is an ATM service category that provides a fixed amount of bandwidth for high priority, but only when it is being sent. VBR-rt is best used for on-and-off (bursty) traffic.
QoS
Quality of Service refers to both a network’s ability to deliver data with minimum delay, and the networking methods used to provide bandwidth for real-time multimedia applications.
AH
Authentication Header (RFC 2402) is a protocol that IPSec uses to verify integrity of a data packet (including the header) and the identity of it’s sender.
Authentication Algorithm
This is an established, step-by-step procedure for verifying the identity of a packet’s sender.
DES
Data Encryption Standard is a widely-used method of data encryption that uses a private (secret) key. DES applies a 56-bit key to each 64-bit block of data.
DH
Diffie-Hellman is a public-key cryptography protocol that allows two parties to establish a shared secret over an unsecured communications channel. Diffie-Hellman is used within IKE SA setup to establish session keys.
DMZ
A DMZ is a network that makes public servers visible to the outside world and physically separates them from the LAN, thus making the LAN more secure.
Encryption Algorithm
An Encryption Algorithm describes the use of encryption techniques such as DES (Data Encryption Standard) and Triple DES algorithms.
ESP
Encapsulating Security Payload (RFC 2406) is a protocol that IPSec uses to encrypt data to ensure confidentiality.
MD5
Message Digest 5, HMAC-MD5 (RFC 2403) is a hash algorithm that is used to authenticate packet data. It produces a 128-bit message digest. See also Hash and SHA1.
SHA1
Secure Hash Algorithm HMAC-SHA-1 (RFC 2404) is a hash algorithm that is used to authenticate packet data. It produces a 160-bit message digest. See also Hash and MD5.
IPSec
Internet Protocol Security is a standards-based VPN (Virtual Private Network) that offers flexible solutions for secure data communications across a public network like the Internet. IPSec is built around a number of standardized cryptographic techniques to provide confidentiality, data integrity and authentication at the IP layer.
Keys
Keys are used like passwords to open and close (encrypt and decrypt) messages. While many encryption algorithms are commonly known and public, the key must be kept secret.
PFS
Perfect Forward Secrecy is an IPSec keying method that uses a brand new key for each new IPSec SA setup. The keys are created by new key exchanges, see Diffie-Hellman.
SA
A Security Association is a contract between two parties indicating what security parameters, such as keys and algorithms they will use.
IKE
Internet Key Exchange is a two-phase security negotiation and key management service – phase 1 (Authentication) and phase 2 (Key Exchange). A phase 1 exchange establishes an IKE SA and phase 2 uses that SA to negotiate SAs for IPSec.
Transport
IPSec uses transport mode to protect upper layer protocols and affects only the data in the IP packet. The IP packet contains the security protocol (AH or ESP) located after the original IP header and options, but before any upper layer protocols contained in the packet (such as TCP and UDP).
Triple DES
This is a stronger variant of DES (Data Encryption Standard). Triple DES is a widely-used method of data encryption that applies three separate private (secret) 56-bit keys to each 64-bit block of data.
Tunnel
IPSec uses tunnel mode to encapsulate the entire IP packet and transmit it securely. Tunnel mode is fundamentally an IP tunnel with authentication and encryption and is required for gateway services to provide access to internal systems.
Bandwidth Links
Links refers to traffic flow between the device port interfaces.
Bandwidth Borrowing
A class may use bandwidth from another class if that class is not using up its current allocation and bandwidth borrowing is allowed.
Borrowing Priority
Borrowing priority determines which class gets to borrow bandwidth when two or more classes are vying for spare bandwidth.
Bandwidth Management
Bandwidth management allows you to allocate bandwidth at an interface according to defined policies.
Bandwidth Class
A bandwidth class defines bandwidth allowed at an interface for an application, such as VoIP (Voice over Internet Protocol) or FTP (File Transfer Protocol) and/or a subnetwork.
Aggressive Mode
Aggressive mode is an IPSec phase 1 negotiation mode (see Negotiation Mode). Aggressive mode is quicker than Main Mode because it eliminates several steps. However the faster speed limits its negotiating power and it also does not provide identity protection. See also Main Mode.
Call Scheduling
Configure call time periods to restrict and allow access for users on remote nodes.
Content Filtering
Content filtering restricts or blocks access to certain web features or content from web pages.
Data Confidentiality
The IPSec sender can encrypt packets before transmitting them across a network.
Data Integrity
The IPSec receiver can validate packets sent by the IPSec sender to ensure that the data has not been altered during transmission.
Data Origin Authentication
The IPSec receiver can verify the source of IPSec packets. This service depends on the data integrity service.
Dynamic DNS
With Dynamic DNS support, you can have a static hostname alias for a dynamic IP address, allowing the host to be more easily accessible from various locations on the Internet. You must register for this service with a Dynamic DNS service provider to use this service.
EAP
EAP (Extensible Authentication Protocol)(RFC2284)supports multiple authentication methods, such as RADIUS, to provide enhanced security.
IP Alias
Internet Protocol Alias allows you to partition a physical network into logical networks over the same Ethernet interface.
Key Management
Key Management allows you to determine whether to use IKE (ISAKMP) or manual key configuration in order to set up a VPN.
Main Mode
Main mode is an IPSec phase 1 negotiation mode (see Negotiation Mode). Main mode ensures the highest level of security when the communicating parties are negotiating authentication (phase 1). See also Aggressive Mode.
Multicast
Deliver IP packets to a specific group of hosts using IP multicast. IGMP (Internet Group Management Protocol) is the protocol used to support multicast groups.
Negotiation Mode
The phase 1 negotiation mode determines how the Security Association (SA) will be established for each connection through IKE negotiations. See also Aggressive Mode and Main Mode.
Port Forwarding
Use this feature to forward incoming service requests to a server on your local network. You may enter a single port number or a range of port numbers to be forwarded, and the local IP address of the desired server.
PPTP
Point-to-Point Tunneling Protocol (PPTP) is a network protocol that enables secure transfer of data from a remote client to a private server, creating a Virtual Private Network (VPN) using a TCP/IP-based network.
Pre-Shared Key
A pre-shared key identifies a communicating party during a phase 1 IKE negotiation. It is called “pre-shared” because you have to share it with another party before you can communicate with them over a secure connection.
Replay Detection
The IPSec receiver can detect and reject old or duplicate packets to protect against replay attacks.
SA Life Time (Seconds)
Define the length of time before an IKE Security Association automatically renegotiates in this field. It may range from 300 seconds (five minutes) to 86,400 seconds (one day).
Secure Gateway IP Address
Secure Gateway IP Address is the WAN IP address of the remote IPSec router.
SPI
An SPI is used to distinguish different SAs terminating at the same destination and using the same IPSec protocol. This data allows for the multiplexing of SAs to a single gateway. The SPI (Security Parameter Index) along with a destination IP address uniquely identify a particular Security Association (SA).
Hash
A hash is a mathematical function (or algorithm) that generates a message digest from plain text input. Se also message digest.
802.1Q
802.1Q is an IEEE standard for tagged VLANs (Virtual LANs) in which a VLAN ID is inserted into the layer-2 frame header to allow the creation of dynamic VLANs across switches. Tagged VLANs are not confined to the switch on which they were created as are port-based VLANs.
FCS
The Frame Check Sequence is the four octets in an Ethernet frame that contain the CRC-32 check.
CRC-32
CRC-32 (Cyclic Redundancy Check) is the checksum of an Ethernet frame as detailed in ISO 3309 [14].
VID
VID is the unique VLAN identification number.
Port-based VLAN
Port-based VLANs are VLANs where the packet forwarding decision is based on the destination MAC address and its associated port. Port-based VLANs are specific only to the device on which they were created.
BSS
See Ad-Hoc
ESS
See Infrastructure.
Ad-Hoc
An Ad-Hoc wireless LAN is a group of computers that uses wireless LAN cards, to connect as an independent wireless LAN. An Ad-Hoc wireless LAN is sometimes referred to as a Basic Service Set (BSS).
Infrastructure
An infrastructure network is an integrated wireless and wired network. One or more APs link a wireless LAN to a wired LAN. This type of network topology is sometimes called an Extended Service Set (ESS).
Access Point
An Access Point (AP) is a network device that acts as a bridge between a wired and a wireless network.
Roaming
Roaming in wireless network applications is a wireless feature that allows wireless LAN clients to connect through multiple access points while moving from coverage area to coverage area.
Internal SPTGEN
Internal SPTGEN lets you configure, save and upload multiple menus at the same time using just one configuration text file – eliminating the need to navigate and configure individual menus for each device.
Traffic Redirect
Traffic Redirect forwards WAN traffic to a backup gateway on the LAN when the router cannot connect to the Internet, thus acting as an auxiliary backup.
Trigger Port Forwarding
Trigger Port Forwarding allows computers on your LAN to dynamically take turns communicating with servers on the WAN that do not accept NAT port translation.
CRC
CRC is a method of checking for errors in data that has been transmitted on a communications link.
Bandwidth Policy
A bandwidth policy is where you define what application(s) and/or subnetworks make up a bandwidth class.
Bandwidth Monitoring
This is a graphical interface that allows you to gauge bandwidth usage.
Middleware
This is software that provides a way for two systems to exchange information or connect with one another even though they have different interfaces. For example, you can use middleware to have a VDSL based router communicate with a set-top box.
IEEE 802.1Q
802.1Q is an IEEE standard for tagged VLANs (Virtual LANs) in which a VLAN ID is inserted into the layer-2 frame header to allow the creation of dynamic VLANs across switches. Tagged VLANs are not confined to the switch on which they were created as are port-based VLANs.
Tagged VLAN
See IEEE 802.1Q VLAN.
Home Gateway
This is an intelligent network device located in the home. Users can access the home gateway device from a remote location. Examples of home gateways include computers, routers or modems, LAN access points, WLAN access points, and digital set-top boxes.
VLAN
A VLAN allows a physical network to be partitioned into multiple logical networks. Only stations within the same group can communicate with each other. Stations on a logical network can belong to one or more groups.
Queuing Algorithms
Queuing algorithms allow devices to maintain separate queues for packets from each individual source or flow and prevent a source from monopolizing the bandwidth.
GARP
GARP allows network devices to register and de-register attribute values with other GARP participants within a bridged LAN.
GVRP
GVRP is a registration protocol that defines a way for 802.1Q VLAN-aware switches to register necessary VLAN members on ports across the network.
STP
STP detects and breaks network loops and provides backup links between switches, bridges or routers. It allows a device to interact with other STP-aware devices in your network to ensure that only one path exists between any two stations on the network.
IGMP
IGMP is a session-layer protocol used to establish membership in a Multicast group - it is not used to carry user data. Refer to RFC 1112 and RFC 2236 for information on IGMP versions 1 and 2 respectively.
2B1Q
Two Binary, One Quarternary transmission is an amplitude modulation scheme for DC pulses. It combines two bits at a time to represent one of four amplitude levels. 2B1Q coding is defined in ANSI T1.601 and ETR 080, Annex A.
IGMP Snooping
IGMP snooping enables a layer-2 switch to dynamically learn the members of IP multicast groups. The switch can then forward multicast traffic to ports that are members of those multicast groups. When a switch receives multicast traffic destined for multicast groups that it does not know, it either forwards the traffic to all ports or discards it (depending on the switch and/or the switch’s configuration). IGMP snooping generates no additional network traffic and allows a switch to handle multicast traffic more efficiently and effectively.
Access Line
This is the physical telecommunications circuit (line) in the local network that connects the CO (Central Office) with the customer’s residence. See also Local Loop.
ATU-C
This is the hardware at the CO (Central Office) that terminates an ADSL connection.
ATU-R
This is the hardware at a customer’s location that provides termination for an ADSL connection.
Always-on
Always-on refers to broadband services that are connected all the time, eliminating the need to dial-up to connect.
ASIC
This is a chip engineered for a particular use or function.
ATM25
ATM25 is a 25.6 Mbps cell-based user interface defined by the ATM Forum.
B Channel
This is the bearer channel in an ISDN connection. B channel is a 64 Kbps full-duplex channel in both primary and basic rate ISDN.
Baseband
This is a networking technology that uses a line’s entire available bandwidth to transfer a single signal of digital data. Signals are not modulated and only one kind of signal (voice or data) can be sent at a time.
Basic Encoding Rate
This is an ANSI described rule for the encoding of data units. It also refers to the ratio of bits received that are in error. See Bit Error Rate Test.
Basic Rate Interface
This is an ISDN interface that has two B (bearer) channels that carry voice or data and one 16 Kbps D (data) channel. Also called Basic Rate Access (BRA).
BRA
This is an ISDN interface that has two B (bearer) channels that carry voice or data and one 16 Kbps D (data) channel. Also called Basic Rate Interface.
Bit Error Rate Test
This test shows the ratio of error bits to the total number of bits transmitted. Generally written as an exponential (10^5) to show that one out of a particular number of bits is in error.
BOOTP
This is a technology that a network uses to determine its Ethernet interface’s IP address.
Bridge
This is a networking device that forwards packets from one LAN to another. It uses the MAC address of an incoming packet to determine whether to drop or forward it. It allows the LANs to see each other’s devices, thus it is not as private or secure as a router.
Broadband
Broadband refers to networking technologies that use modulation or multiplexing to combine multiple channels for transmission over a single medium (copper telephone wire for instance). Broadband allows you to integrate data, video and voice so that it can share one line.
Cell
This is the data packet unit that ATM transmits. One cell consists of 53 bytes.
Circuit Switched Network
This is a network that sets up a temporary physical circuit when a telephone receiver is picked up (goes off hook) and holds the circuit open until it receives a disconnect signal.
Circuit Switching
This is the use of switches to set up a dedicated physical connection between two endpoints until it receives a disconnect signal.
Class 5 Switch
This is a PSTN (Public Switched Telephone Network) switch in a CO.
CLEC
A Competitive Local Exchange Carrier is a Local Exchange Carrier (LEC) that competes with the market leading or Incumbent LEC (ILEC). This type of carrier may offer Internet Access, video on demand/cable TV, long distance or local exchange service. It also includes wireless (cellular/PCS) providers.
Coaxial Cable
This type of cable has a braided copper shield that surrounds a single insulated copper wire.
Compression
This is a method of reducing the size of a signal.
Console
This is a device (usually a computer) that you use to manage a networking device via a serial port (RS232) connection.
Core Network
This refers to switching offices and the transmission plants that link them together. Competing Interchange networks connect Core Networks in the US, while in other countries, the Core Networks reach to the borders of the country they are in.
DHCP Server
This is a device that uses DHCP (see DHCP) to assign addresses to nodes on a LAN.
Dial Backup
Dial backup is an auxiliary WAN connection that you can use if your primary WAN link goes down.
Dial Up
This is the process of setting up a connection through a switched network. It also describes a type of Internet service where you have to connect (like a call) to your ISP for each session.
Bandwidth-on-demand
This allows you to dynamically set upstream and downstream line speeds to a particular rate of speed.
bps
This is a standard measurement of digital transmission speeds.
Bps
This is a standard measurement of digital transmission speeds. One byte is eight bits.
CIR
The carrier programs virtual circuits into the network between your sites and charges customers for a specific level of service called the committed information rate (CIR). The CIR is a negotiated rate and is basically a guarantee that the carrier will always have that bandwidth available.
Daylight-savings Time
This is a period during the late spring, summer and early fall when many countries set their clocks ahead of normal local time by one hour to give more daylight time in the evenings.
Device Filter Rules
Device filter rules are filter rules that treat a packet as a byte stream as opposed to an IP or IPX packet. You specify the portion of the packet to check with the Offset (from 0) and the Length fields, both in bytes.
Cleared Alarms
An administrator clears an alarm after solving its cause. When an alarm is cleared, it is removed from the current alarm screen and becomes an historical alarm.
COM Port
The communications port is used for local management of the device. In some devices, it may also be used for uplinking.
Auxiliary Port
This port can be used as a traditional dial-up connection in reserve if ever the broadband connection to the WAN port fails. See also Dial Backup.
Downlink Port
This port connects to the uplink port of another device when the devices are cascaded. Also known as a subtending port.
Subtending Port
This port connects to the uplink port of another device when the devices are cascaded. Also known as a downlink port.
Hello Time
In RSTP (or STP), this is the time interval in seconds between tree configuration messages generated by all devices in RSTP or the root device in STP.
Dual Firmware Block Structure
Devices with a “dual firmware block structure” have one “main block” and another “backup block”. You can save the current firmware into the backup block before you upload new firmware. If the firmware in the main block gets corrupted, the device tries to boot from the backup block automatically so the service is not interrupted.
E1
This is the European basic multiplex rate which packs 30 voice channels into a 256 bit frame and transmits at 2.048 Mbps.
EIR
This is the burst capability of the connection, for instance, the maximum allowable data transfer rate.
Filters
Filters tell a device whether to allow passage of a data packet and/or to make a call. There are two types of filter applications: data filtering and call filtering.
Hop Count
Hop count is a measure of distance between two points on the Internet. It is equivalent to the number of gateways that separate the source and destination.
IP Multicast
Traditionally, IP packets are transmitted in one of either two ways - Unicast (one sender to one recipient) or Broadcast (one sender to everybody on the network). IP Multicast is a third way to deliver IP packets to a group of hosts on the network - not everybody.
NAT - Global
This refers to the packet address (source or destination) as the packet travels on the WAN.
NAT - Inside
This refers to the host on the LAN.
NAT - Local
This refers to the packet address (source or destination) as the packet travels on the LAN.
NAT -Outside
This refers to the host on the WAN.
NAT Server Set
A NAT server set is a list of inside servers (behind NAT on the LAN) that you can make visible to the outside world.
PTT
PTT is a generic European name that usually refers to state-owned telephone companies.
RS-232
RS-232 is an EIA standard which is the most common way of linking data devices together.
T1
A T1 line consists of 24 voice channels packed into a 193 bit frame and transmitted at 1.544 Mbps. The unframed version, or payload, is 192 bits at a rate of 1.536 Mbps.
Bandwidth Control
Bandwidth control means defining a maximum allowable bandwidth for traffic flows from specified source(s) to specified destination(s). See also Bandwidth Management.
TCP/IP Filter Rules
TCP/IP filter rules allow you to base the rule on the fields in the IP and the upper layer protocol, for example, UDP and TCP headers.
Telco
The generic name for telephone companies throughout the world.
UNI
User Network Interface defines the connection between user equipment and the Frame Relay network, for instance, if your device is connected to a service provider.
VC
A series of virtual paths between circuit end points. This is a logical link that behaves like a dedicated point-to-point line.
Filter rules
Filters decide whether or not to allow passage a data packet and/or make a call. There are two types of filter applications: data filtering and call filtering. Data filtering screens data to determine if the packet should be allowed to pass. Call filters prevent packets from triggering calls.
GGP
Gateway-to-Gateway Protocol is an Internet protocol that specifies how gateway routers communicate with each other.
Network contention
Network contention describes a situation when two or more networked devices attempt to use the same medium simultaneously.
DHCP Relay
Dynamic Host Configuration Protocol Relay is a function that allows DHCP data to be forwarded between the computer that requests the IP address and the DHCP server.
PPPoA
One of the two types of PPP interfaces you can define for a Virtual Circuit(VC), the other being PPPoE. You can only define one PPPoA per VC.
Switch
A layer-2 network device that selects a path or circuit to send a data packet through.
Latency
The time it takes for a bit to be transmitted from source to destination.
Virtual Channel
A logical connection between ATM switches.
Virtual Path
A bundle of virtual channels.
Broadcast
Sending data to all computers on a network.
RADIUS
A RADIUS (Remote Authentication Dial-In User Service)(RFC2138, 2139) server performs authentication, authorization and accounting for a network.
Antenna
An antenna acts as a radiator that propagates a radio frequency signal from a wireless device through the air. An antenna also works in reverse by capturing signals from the air.
Coverage
Coverage, or range, is the distance over which wireless devices can communicate.
WEP
WEP (Wired Equivalent Privacy) encrypts data transmitted between wired and wireless networks to keep the transmission private.
Loop
A data path loop forms when there is more than one path or route between two networked devices. A loop in a network may result in a broadcast storm.
Broadcast Storm
A broadcast storm occurs when a packet triggers multiple responses from all hosts on a network or when computers attempt to respond to a host that never replies. As a result, duplicated packets are continuously created and circulated in the network, thus reducing network performance or even rendering it inoperable.
Spanning Tree Algorithm
The spanning-tree algorithm calculates the best loop-free path throughout a switched network.
Set-top Box
A set-top box is a device that provides services such as High Definition Television (HDTV), content decryption, personal video recorder, electronic programming guide, VoIP, Web browsing and interactive television features.
Acknowledged Alarms
This means that an administrator has decided to handle the cause of this alarm. Other administrators see that person’s name in their alarm screen, thus avoiding duplicate effort to solve the same problem.
Active Alarms
“Active” is the initial state of an alarm, which means the alarm is new and an administrator is yet to assume responsibility for handling it.
A-end (IPSec)
This is the end of a VPN tunnel opposite the Z-end (see also Z-end).
Auto-crossover
An auto-crossover Ethernet port enables you to use either a crossover Ethernet cable or a straight-through Ethernet cable to connect your device to either a computer or external hub. In other words these ports automatically adjust according to the type of cable so that either straight-through Ethernet cable or crossover Ethernet cable may be used.
Band Plan (VDSL)
Each VDSL mode operates in a different frequency range called a band plan.
Bridge Priority
RSTP (or STP) uses bridge priority to determine the root device, root port and designated port. The device with the highest priority becomes the STP root device. If all devices have the same priority, the device with the lowest MAC address will then become the root device.
Max Age
In RSTP (or STP), this is the maximum time (in seconds) a device waits without receiving a configuration message before attempting to reconfigure.
BPDU
RSTP (or STP)-aware devices periodically exchange configuration messages called Bridge Protocol Data Units (BPDUs). When the bridged LAN topology changes, a new spanning tree is constructed.
MDI/MDIX
MDI (Medium Dependent Interface)/MDIX (MDI crossover) is a type of Ethernet port. MDI ports connect to MDIX ports using straight-through Ethernet cables; both MDI-to-MDI and MDIX-to-MDIX connections use crossover Ethernet cables.
SPQ
Strict Priority Queuing (SPQ) services queues based on priority only. As traffic comes into the switch, traffic on the highest priority queue is transmitted first. When that queue empties, traffic on the next highest-priority queue is transmitted until that queue empties, and so on. If higher priority queues never empty, then traffic on lower priority queues never gets sent. See also Queuing Algorithms.
Path Cost
In RSTP (or STP), path cost is the cost of transmitting a frame onto a LAN through that port. It is assigned according to the speed of the link to which a port is attached. The slower the media, the higher the cost.
STUN
STUN allows a device to find the public IP address assigned by a NAT router and/or a firewall between it and the public Internet. See RFC 3489 for details on STUN.
Management VID
Management VLAN ID is the VLAN ID of the CPU and is used for management only. To access the switch make sure the port that you are connected to is a member of Management VLAN.
Reset Button
This hardware button is used to restore the factory default settings.
Reverse Engineering
Reverse engineering means analyzing software, firmware, or hardware to find out how it works.
Root Bridge
In RSTP (or STP), the root bridge is the base of the spanning tree; it is the bridge with the lowest identifier value (MAC address).
Subnetting
With subnetting, the class arrangement of an IP address is ignored. For example, a class C address no longer has to have 24 bits of network number and 8 bits of host ID. With subnetting, some of the host ID bits are converted into network number bits.
UID
User IDentification is equivalent to your user name. Usually a password is associated with a UID or user name.
Uplink Port
This port connects to an external switching hub, router or server.
Z-end (IPSec)
This is the end of a VPN tunnel opposite the A-end (see also A-end).
Local Loopback Test
A local loopback test is used to check the device's DSL chip. A local loopback test failure indicates an internal device problem.
Remote Loopback Test
A remote loopback test is used to test the connection between two DSL devices. The local device sends an Ethernet frame to the other (remote) DSL device and checks for it to be returned.
Port Bonding
This is the aggregation of separate physical DSL port links into one logical link; for example, three SHDSL links of 2.3 Mbps can be aggregated into one logical 6.9 Mbps link.
Port Trunking
This is the aggregation of separate physical port links into one logical link; for example, two fast Ethernet links can be aggregated into one logical 200 Mbps link.
Dotted-decimal Notation
This is the writing out of a decimal number (base-10) using periods (dots or decimals) to separate it into parts. This is commonly used for IP addresses, such as 192.168.1.1. Also referred to as dot-decimal format.
Dot-decimal Format
See dotted-decimal notation.
Jam Signal
In Ethernet networks, when a transmitting station detects a collision, it stops transmitting and sends a 32-bit jam sequence to inform other stations to (momentarily) stop transmitting so that it can transmit.
Hexadecimal Notation
Hexadecimal notation is a base-16 number as opposed to decimal (base-10) or binary (base 2). This number representation uses 0-9 along with the letters a-f to represent the (decimal) numbers 10 to 15. The right-most digit represents ones, the next represents multiples of 16, then 16 squared (256), 16 cubed (4096) and so on. MAC addresses are usually written in hexadecimal notation, for example 00:a0:c5:01:23:43.
Back Pressure Flow Control
Back Pressure flow control is typically used with Ethernet ports operating in half duplex mode to send a “collision” signal to the sending port (mimicking a state of packet collision) causing the sending port to temporarily stop sending signals and resume sending them later.
Flow Control
Flow control is used to manage the sending of traffic so the sending device does not transmit more than the receiving device can process. This helps prevent traffic from being dropped and having to be resent. See also IEEE802.3 Flow Control and Back Pressure Flow Control.
IEEE802.3 Flow Control
IEEE802.3 flow control is typically used with Ethernet ports operating in full duplex mode to send a pause signal to the sending port, causing it to temporarily stop sending signals when the receiving port’s memory buffers are full.
UTC
UTC is a standard time for use around the world (formerly known as Greenwich Mean Time or GMT). UTC is an international abbreviation that is neither French nor English. It means both "Temps Universel Coordonné" and "Coordinated Universal Time".
OAM F5 Loopback Test
An Operational, Administration and Maintenance Function 5 test is used to test the connection between two DSL devices. First, the DSL devices establish a virtual circuit. Then the local device sends an ATM F5 cell to be returned by the remote DSL device (both DSL devices must support ATM F5 in order to use this test).
Daisychain
In networking, to daisy chain devices it to connect them to each other in a series (cascaded). See also Subtending Port.
ADSL2
ADSL2 (ITU G.992.3 and G.992.4) offers improved performance and interoperability over ADSL. Key improvements are enhanced data rates, loop reach, diagnostics, rate adaptation and power management.
NAT Traversal(VPN/IPSec)
NAT traversal allows IPSec tunnels using the ESP protocol to pass through NAT-enabled routers.
ID Content
In IPSec, the ID type and ID content identify an individual Security Association (SA). The ID type can be a domain name, an IP address or an e-mail address. The ID content is the IP address, domain name, or e-mail address.
SNR
Signal-to-Noise Ratio (SNR) is the ratio of the amplitude of the desired (DSL) signal to the amplitude of noise signals at a given point in time. The higher the SNR number, the better the line quality.
Tx KB/s
This is the number of kilobytes per-second transmitted on an interface.
Rx KB/s
This is the number of kilobytes per-second received on an interface.
Rx CRC
This is the number of frames received on this interface with CRC (Cyclic Redundant Check) error(s).
ID Type
In IPSec, the ID type and ID content identify an individual SA. The ID type can be a domain name, an IP address or an e-mail address. The ID content is the IP address, domain name, or e-mail address. When used with aggressive negotiation mode, the ID type and content allow an IPSec router to distinguish between SAs that connect from IPSec endpoints with dynamic IP addresses. For example, several telecommuters with dynamic IP addresses can use separate passwords to simultaneously connect to an IPSec router. With main negotiation mode, the ID type and content act as an extra level of identification for incoming SAs.
Fragment
These are packets less than 64 octets long, and with either CRC (Cyclic Redundant Check) or alignment error(s).
Jabber
These are packets that are greater than the maximum octets (specified for the system by the configuration software) long and with either CRC or alignment error(s).
MSE
Minimum Square Error (MSE) is the minimum mean-square error (also known as MMSE) performance measure is a popular metric for optimal signal processing.
Auto-MDI/MDIX
Auto-MDI (Medium Dependent Interface)/MDIX (MDI crossover) is an Ethernet port feature that automatically adjusts to crossover or straight-through Ethernet cable so you can use either to connect your device to a computer or a switch/external hub. See also auto-crossover.
Broadcast Storm Control
Broadcast Storm Control limits the number of broadcast frames that can be stored in the switch buffer or sent out from the switch within a certain time. Broadcast frames that arrive when the buffer is full are discarded.
802.1x
See IEEE 802.1x.
Octet
In computer networking an octet is an 8-bit binary digit (byte).
Port Security
Port security allows only packets with dynamically learned MAC addresses and/or configured static MAC addresses to pass through a port on the switch.
CON/AUX Switch and Port
Set the CON/AUX switch to the “CON” side when using the CON/AUX port as a regular console port for local device configuration and management. Set this switch to the “AUX” side when using the CON/AUX port as an auxiliary dial-up WAN connection.
Dynamic Link Aggregation
The IEEE802.3ad standard describes Link Aggregate Control Protocol (LACP), which is a protocol that dynamically creates and manages trunk groups. When you enable LACP link aggregation on a port, the port can automatically negotiate with the ports at the remote end of a link to establish trunk groups. LACP also allows port redundancy, that is, if an operational port fails, then one of the “standby” ports becomes operational without user intervention.
LACP
The IEEE802.3ad standard describes Link Aggregate Control Protocol (LACP), which is a protocol that dynamically creates and manages trunk groups. When you enable LACP link aggregation on a port, the port can automatically negotiate with the ports at the remote end of a link to establish trunk groups. LACP also allows port redundancy, that is, if an operational port fails, then one of the “standby” ports becomes operational without user intervention.
MIB
A Management Information Base (MIB) is a collection of managed objects. The managed devices contain object variables/managed objects that define each piece of information to be collected about a device. Examples of variables include such as the number of packets received, node port status and so on.
NAT Traversal (UPnP)
UPnP NAT traversal automates the process of allowing an application to operate through NAT. UPnP network devices can automatically configure network addressing, announce their presence in the network to other UPnP devices and enable exchange of simple product and service descriptions.
Port Mirroring
Port mirroring allows you to copy traffic from one port to another port in order to examine the first port’s traffic without interfering with it.
Rate Adaption
Rate adaption is the ability of the device to adjust the configured transmission rate to the attainable transmission rate automatically depending on your telephone line quality.
Service Access Control
Service Access Control allows you to decide what services may access the ZyXEL device. You may also choose to allow only clients with specific IP addresses to use a service to access the ZyXEL device.
Trunking
Trunking (link aggregation) is the grouping of physical ports into one logical higher-capacity link. You may want to trunk ports of for example, if it is cheaper to use multiple lower-speed links than to under-utilize a higher-speed, but more costly, port link. However, the more ports you aggregate to get higher bandwidth then the fewer available ports you have.
UPnP
Universal Plug and Play (UPnP) is a distributed, open networking standard that uses TCP/IP for simple peer-to-peer network connectivity between devices. A UPnP-enabled device can dynamically join a network, obtain an IP address, convey its capabilities and learn about other devices on the network.
EAP-TLS
EAP-TLS (Extensible Authentication Protocol -Transport Layer Security) authentication uses digital certifications for mutual authentication. The server presents a certificate to the client. After validating the identity of the server, the client sends a certificate to the server. The exchange of certificates is done in the open before a secured tunnel is created.See also EAP and EAP-TTLS.
Digital Certificate
A digital certificate is an electronic ID card that proves the sender’s identity. A digital certificate is issued by a certificate authority.
EAP-TTLS
EAP-TTLS (Extensible Authentication Protocol-Tunneled Transport Layer Service) authentication is a type of mutual authentication where just the server sends a digital certificate to identify itself to the clients. See also EAP and EAP-TLS.
Linux
Linux is a free, open-source UNIX-type operating system.
Cracking
This is the act of breaking into computers, bypassing passwords or licenses in a computer program or intentionally breaching computer security.
Mirror Port
This is a port that copies the network traffic of another port for the purpose of analyzing the network traffic. This is also known as the sniffer port or the analysis port.
Monitor Port
This is a port whose traffic is duplicated and analyzed by a sniffer port. This is also known as the source port.
WFQ
Weighted Fair Queuing (WFQ) services queues based on their priority and queue weight. Queues with larger weights get more service than queues with smaller weights. This queuing mechanism is highly efficient in that it divides any available bandwidth across the different traffic queues. See also Queuing Algorithms.
Cluster Management
Cluster management allows you to manage switches through one switch, called the cluster manager. The switches must be directly connected and be in the same VLAN group so as to be able to communicate with one another.
Cluster Manager
The cluster manager is the switch through which you manage the cluster member switches.
Cluster Members
The cluster members are the switches being managed by the cluster manager switch.
Clustering Candidates
Clustering candidates are switches that are potential cluster members.
Filtering Database
The filtering database shows how frames are forwarded or filtered across a switch’s ports. The switch uses the filtering database to determine how to forward frames.
CLI
In this interface, you can use line commands to configure the device or perform advanced device diagnostics and troubleshooting.
WPA
Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i standard. WPA applies IEEE 802.1x and Extensible Authentication Protocol (EAP) to authenticate wireless clients using an external RADIUS database. WPA encrypts data by using Temporal Key Integrity Protocol (TKIP), Message Integrity Check (MIC) and IEEE 802.1x. See also WPA-PSK (WPA -Pre-Shared Key).
WPA-PSK
WPA-PSK (WPA -Pre-Shared Key) requires a single (identical) password entered into each access point, wireless gateway and wireless client. As long as the passwords match, a client will be granted access to a WLAN. See also WPA.
TKIP
Temporal Key Integrity Protocol (TKIP) is an encryption protocol that uses 128-bit keys that are dynamically generated and distributed by the authentication server. TKIP regularly changes and rotates the encryption keys so that the same encryption key is never used twice.
MIC
Message Integrity Check (MIC, also named Michael) is a function designed to detect if someone has covertly altered data packets. The receiver and the transmitter each compute and compare the MIC. If they do not match, it is assumed that the data has been tampered with and the packet is dropped.
Wireless Client Supplicants
A wireless client supplicant is the software that runs on an operating system instructing the wireless client how to use WPA.
ISO
The International Organization for Standardization is based in Geneva and is responsible for a wide range of standards including ones that apply to networking.
Bridge Mode
An AP in bridge mode can function as a wireless network bridge allowing you to connect two wired network segments. The peer device also must be in bridge mode. This wireless bridge connection is equivalent to a Wireless Distribution System (WDS). See also WDS.
Channel
A channel is a radio frequency used by a wireless device. Channels available depend on your geographical area.
ESS ID
An Extended Service Set (ESS) is a group of access points connected to a wired LAN on the same subnet. An ESS ID uniquely identifies each group. All access points and their associated wireless stations in the same group must have the same ESSID.
Fragmentation Threshold
A Fragmentation Threshold is the maximum data fragment size that can be sent in a wireless network before the AP fragments the packet into smaller data frames.
IBSS
An IBSS, also called an Ad-hoc network, is defined as two or more computers with wireless adapters within range of each other that form an independent (wireless) network without the need of an access point (AP).
Multi-ESS
Multiple ESS is a function that allows multiple ESSs to be configured on just one access point. Wireless stations can use different ESSIDs to associate with the same AP. Only wireless stations with the same ESSID can communicate with each other. This allows the AP to logically group wireless stations in a manner similar to VLAN (Virtual LAN).
PoE
PoE is the ability to provide power to a PoE-enabled device via an 8-pin CAT 5 Ethernet cable, eliminating the need for a nearby power source.
WDS
A Distribution System (DS) is a wired connection between two or more APs, while a WDS is a wireless connection. An AP using WDS can function as a wireless network bridge allowing you to wirelessly connect two wired network segments.
Hotspot
Hotspots are public areas, such as airports, hotels, coffee shops, where end users can access the Internet via a mobile device.
Immediate Dial
Immediate dial allows you to make a phone make call immediately after you press a certain key (for instance the # key).
Portal Page
A portal page is the first web site to which a subscriber is directed after logging in successfully.
Walled Garden
This is a list of web site address(es) which all users can access without logging in.
PMS
PMS is an automated billing system commonly used by hotels to perform in-room billing of services.
Account Generator Printer
When connected to an Internet service gateway device, an account generator printer allows you to create and print out subscriber accounts automatically. The account generator printer is also known as the statement printer.
Statement Printer
See account generator printer.
Billing Profile
A billing profile is a template of predefined billing parameters such as time unit, unit cost and/or account expiration time.
Passphrase
A passphrase is a string of text used for automatic WEP key generation on wireless client adapters.
BLES
Broadband Loop Emulation Service (Voice over DSL, TR-039 Annex A) is a DSL forum standard that provides architectural requirements and recommendations for using the Loop Emulation Standard (see LES) to | 
_444x112.jpg)
