Glossary

  • The Triple Data Encryption Algorithm (TDEA or Triple DEA) is a symmetric-key block cipher that applies the DES cipher algorithm three times to each data block. This triple-strength version of the DES cryptographic standard typically uses a 168-bit key.
  • An Acceptable Use Policy is an official statement on how an organization expects its employees to conduct messaging and Internet access on the organization’s email and Internet systems. The policy explains the organization’s position on how its users should conduct communication within and outside of the organization both for business and personal use.
  • The process of preventing unauthorized access to computers, programs, processes, or systems.
  • The access point (AP) or wireless access point (WAP) is a networking device that allows a wireless device, such as a smartphone or tablet, to connect to a wired network. Typically, the AP connects to the wired network via a Router but can be an integral component of the router itself.
  • Microsoft directory service for organizations. It contains information about organizational units, users and computers.
  • A Microsoft reusable component technology used in many VPN solutions to provide VPN client access in a road warrior's web browser.
  • A protocol that maps IP addresses to MAC addresses.
  • A method of encryption selected by NIST as a replacement for DES and 3DES. AES supports key lengths of 128-bit, 192-bit and 256-bit. AES provides high security with fast performance across multiple platforms.
  • A Smoothwall product that combines the web filtering functionality of the SWG product with Firewall functionality to prevent intrusion and protect your network.
  • A network attack in which an unauthorized person gains access to a network and stays there undetected for a long period of time. The intention of an APT attack is to steal data rather than to cause damage to the network or organization.
  • Forms part of the IPsec protocol suite. AH authenticates the source of the IP packets, known as datagrams, to maintain information integrity, but not secrecy.
  • In Smoothwall terminology, an alias is an additional public IP address that operates as an alternative identifier of the interface.
  • The ability to prevent bypass of your AUP.
  • A solution that prevents Malware from attacking your computer or network.
  • A Smoothwall add-on module that protects email servers and users by blocking Malware and Spam at the network perimeter.
  • The backup file, with a tar.gz file extension, containing all the configuration from the Smoothwall.
  • Used by Address Resolution Protocol to maintain the correlation between IP addresses and MAC addresses.
  • The process of verifying identity or authorization.
  • Authentication exceptions are those websites that users must be able to access without authenticating first, such as software update sites.
  • Bandwidth is the rate that data can be carried from one point to another. Measured in bits per second (bps) or kilobits per second (Kbps).
  • A Smoothwall feature that allows you to shape the data traffic throughput of interfaces, IP addresses, and groups, and for applications.
  • A certificate format — in binary form, 8-bit compatible version of PEM.
  • A collection of domains, URLs, and websites that users are unable to browse to.
  • Bonding interfaces are software Interfaces that combine NICs to provide High Availability. Note that this does not increase throughput.
  • Bridge interfaces are software Interfaces that link DMZs. For example, linking the wireless interface to the wired network.
  • The practice of allowing the employees of an organization to use their own computers, smartphones, or other devices for work purposes.
  • A Linux file system. This is the file system used when System Restore is enabled. https://en.wikipedia.org/wiki/Btrfs
  • An error caused when a program tries to store too much data in a temporary storage area. This can be exploited by a Hacker to execute malicious code.
  • A trusted network entity, responsible for issuing and managing X509 digital certificates.
  • Pronounced "cash". A software data storage facility used to store data from previous requests, so future requests are processed faster.
  • Typically used in public networks, such as hotel lobbies, airports, and coffee shops, captive portals are web pages that users must view and interact with before access to the network is granted. This interaction usually takes the form of user authentication.
  • The term used to describe a Cluster-like Smoothwall configuration, where one Smoothwall runs as the Parent node with one or more compatible Smoothwalls running as Child nodes being managed by the parent.
  • A digital certificate is a file that uniquely identifies its owner. A certificate contains owner identity information and its owner's public key. Certificates are created by a Certificate Authority.
  • A child node is a device on a network that is managed by another device named as the Parent node. In Central management terms, this is a Smoothwall appliance that is a Proxy for its own users, but receives configuration from the parent Smoothwall. In turn, logs and reporting data are sent to the parent node and managed there.
  • A laptop running Chrome OS as the operating system, designed primarily for use whilst connected to the Internet. Due to this and the low cost, Chromebook devices have emerged as the "go-to" device for schools.
  • A cryptographic algorithm.
  • Encrypted data which cannot be understood by unauthorized parties. Ciphertext is created from plain text using a cryptographic algorithm.
  • Any computer or program connecting to, or requesting the services of, another computer or program.
  • In networking terms, a cluster consists of connected servers and computers that work together for a common purpose, such that they are viewed as a single system. Smoothwall appliances configured as a cluster are referred to as a Central management.
  • Connect Filter is a Smoothwall product that redirects web requests from client devices to Smoothwall's web filter. This allows you to enforce your organization's web content filtering policy on devices owned by your organization, wherever they are located. Supported devices are iOS, Mac OS, and Windows devices.
  • Also known as command line interface. An alternative to the user interface, the terminal is another means of interacting with software, by means of a text interface.
  • Identifying brand new web content in real-time, long before URL Blocklists come into play. This tool uses the context of the information on the page to decide if it should be blocked or not.
  • A cookie is a piece of data that is sent from a website and stored in users' web browsers. Cookies are used to record events occurring during browsing time, for example, items added to shopping carts, or user information added to fields. More importantly, they are used as part of user authentication to inform the web browser whether the user is logged in and which account they are using.
  • A malicious Hacker who, for example, destroys vital data or denies legitimate users service.
  • A network cable with TX and RX (transmit and receive) reversed at either end to provide a direct peer-to-peer network connection.
  • The study and use of methods designed to make information unintelligible.
  • A historical 64-bit encryption algorithm still widely used today. DES is scheduled for official obsolescence by the US government agency NIST.
  • The datastore contains all Guardian, Anti-Spam, and web traffic log files, as well as the resulting file indexes used for reporting.
  • Also called Complete Packet Inspection or Information Extraction (IX). A form of computer network packet filtering that examines the data part (and possibly also the header) of a packet as it passes an inspection point. This examination searches for protocol non-compliance, viruses, spam, intrusions, or defined criteria to decide whether the packet may pass, if it needs to be routed to a different destination or is merely for the purpose of collecting statistical information.
  • The Gateway in a network that will be used to access another network if a gateway is not specified for use.
  • A physical or logical Subnet that contains and isolates an organization’s external-facing services to a larger and untrusted network. For example, the Internet.
  • Occurs when a network host is flooded with large numbers of automatically generated data packets. The receiving host typically slows to a halt while it attempts to respond to each request.
  • A certificate format typically used by Microsoft Windows operating systems.
  • Destination Network Address Translation (DNAT) is when the destination address of the network packet is changed, that is, changing where it is going to. DNAT is always done before routing. Port forward, Link load balancing, and Transparent proxying are all forms of DNAT.
  • A protocol for automatically assigning IP addresses to Hosts joining a network.
  • Diffie-Hellman key exchange uses a group of standardized global unique prime numbers and generators to provide secure asymmetric key exchange.
  • A name resolution service that translates a Domain to an IP address and vice versa.
  • A distinct subset of the Internet, sharing a common name and suffix. Typically, each domain is under the control of an individual or organization.
  • A server on a Microsoft Windows network that is responsible for allowing host access to a Windows domain's resources.
  • A non-permanent IP address automatically assigned to a host by a DHCP server.
  • A device which generates one-time passwords based on a challenge / response procedure.
  • The knowledge of maximizing users' personal safety and minimizing security risks to private information and property associated with using the Internet, and self-protection from computer crime in general.
  • The practice of monitoring, and potentially restricting, the flow of information outbound from one network to another.
  • A protocol within the IPsec protocol suite that provides encryption services for VPN data.
  • The transformation of Plaintext into a less readable form (see Ciphertext) through a mathematical process. A ciphertext may be read by anyone who has the key to decrypt it (undo the encryption).
  • A Microsoft messaging system including mail server, email client and groupware applications (such as shared calendars).
  • A hardware or software vulnerability that can be "exploited" by a Hacker to gain access to a system or service.
  • Failover is a backup operation for when functions of a system fail or terminate. Smoothwall failover systems are configured in a primary and secondary configuration, where the secondary Smoothwall appliance "takes over" should the primary appliance cease functioning for whatever reason.
  • Federated Login enables users of the Smoothwall authentication service to authenticate themselves using third party authentication systems, such as a Google application, using their Google user credentials.
  • A standard network protocol used to transfer computer files between a client and server on a computer network.
  • A filter is a collection of categories containing URLs, domains, phrases, lists of file types and replacement rules. Filters are used in policies to determine if a user should be allowed access to requested information or files using their web browser. Guardian is Smoothwall's web filter.
  • Federal Information Processing Standards, see NIST.
  • A combination of hardware and software used to prevent access to private network resources.
  • A network point that acts as an entrance to another network.
  • Europe's framework for data protection laws. It replaced the previous 1995 data protection directive.
  • A Smoothwall feature that allows direct connection to the Guardian web filter for remote devices, through external interfaces.
  • A Smoothwall product providing Web filter facilities.
  • A highly proficient computer programmer who seeks to gain unauthorized access to systems without malicious intent.
  • A computer connected to a network.
  • A name used to identify a network Host.
  • Hypertext is structured text that uses links (hyperlinks) between bodies of text. HTTP is the protocol for these data links on the Internet, that is, the communication protocol.
  • A secure version of HTTP using SSL.
  • A simple network device for connecting networks and network hosts.
  • One of the core protocols of the Internet protocol suite. It is chiefly used by networked computers' operating systems to send error messages indicating, for example, that a requested service is not available or that a host or router could not be reached.
  • The Intrusion Detection System performs real-time packet analysis on all network traffic in order to detect malicious network activity.
  • A branch of the Internet Society (ISOC) tasked with making "the Internet work better by producing high quality, relevant technical documents that influence the way people design, use, and manage the Internet." — https://www.ietf.org/.
  • IKE, also IKEv1 or IKEv2, depending on version, is an IPsec (Internet Protocol Security) standard protocol used to ensure security for virtual private network (VPN) negotiation and remote host or network access.
  • A type of online chat function where real-time text messages are exchanged.
  • A Smoothwall feature that logs IM traffic passing through it.
  • ISDN is the communication protocol for transmitting network services such as data, voice, and video, over the public telephone network (PSTN).
  • In Smoothwall terms, an interface refers to how the Smoothwall appliance connects to client devices. This can either be via a physical NIC or via a software interface.
  • A set of rules governing the format of data sent over the Internet or other network.
  • An internationally recognized VPN protocol suite developed by the Internet Engineering Task Force (IETF).
  • The company that provides and bills private homes and organizations for their Internet connection. Note this may not always be the same company that owns and operates the public network.
  • The Intrusion Prevention System performs real-time packet analysis on all network traffic in order to prevent malicious network activity.
  • A 32-bit number that identifies each sender and receiver of network data.
  • The Linux packet filtering tool used by Smoothwall to provide firewall capabilities.
  • A "helper" application on Network Address Translation (NAT) devices that allows IPsec VPN traffic to pass through.
  • ISO images are a common format for burning data onto CDs and DVDs. Smoothwall uses this format for providing installation media for its products.
  • A lightweight, human-readable file format used by many systems.
  • A secure method for authenticating a request for a service in a computer network. In Smoothwall terms, this protocol is only used with Microsoft's Active Directory.
  • A keytab is a file containing Kerberos-encrypted keys.
  • The core part of an operating system that provides services to all other parts of the operating system.
  • A string of bits used with an algorithm to encrypt and decrypt data. Given an algorithm, the key determines the mapping of Plaintext to Ciphertext.
  • The name given to the range of possible values for a Key. The key space is the number of bits needed to count every distinct key. The longer the key length (in bits), the greater the key space.
  • Layer 2 refers to the data link layer of the Open Systems Interconnection model (OSI model) of computing. VPNs provide the link between networks. L2F is a VPN system, developed by Cisco Systems.
  • Layer 2 refers to the data link layer of the Open Systems Interconnection model (OSI model) of computing. VPNs provide the link between networks. A protocol based on IPsec which combines Microsoft PPTP and Cisco Systems L2F VPN protocols.
  • A network between hosts in a similar, localized geography.
  • Layer 7 refers to the application layer of the Open Systems Interconnection model (OSI model) of computing. Bandwidth Management uses Layer 7 application control to manage available bandwidth for specified applications.
  • A bespoke high-speed, high-capacity, site-to-site network that is installed, leased and managed by a telephone company.
  • A Guardian policy action. Users are allowed through to the requested websites but only for a limited period.
  • LLB describes the process of sharing traffic originating from an IP address across multiple Interfaces to increase available bandwidth, maximize throughput, and add redundancy.
  • A method to stop an unauthorized attempt to gain access to a computer. For example, a three-try limit when entering a password. After three attempts, the system locks out the user.
  • The unique hardware identifier of a NIC.
  • An entry in a domain name database that specifies an email server to handle a domain name's email.
  • Software which is specifically designed to disrupt or damage a computer or network.
  • In Smoothwall terms, MITM refers to situations where the Smoothwall appliance is between the client device and the Internet, for example, for the purposes of HTTPS decrypt and inspect.
  • A database used to manage elements of a network.
  • The maximum transmission unit is the maximum size of a packet communicated through the tunnel.
  • Message censor is a feature of the IM proxy that monitors instant messages to either accept, modify, block, or log content.
  • Multi-Tenant Managed Systems provides a means of logically partitioning a Smoothwall network into multiple virtual instances. Each instance, referred to as a tenant, is managed individually. For example, within a Smoothwall school district, each school would be managed as an individual tenant.
  • Nagios is a monitoring tool, used to ensure mission-critical systems function correctly.
  • Most network devices, such as computers, are assigned a Private IP address. For those devices to connect to the Internet, their router or firewall is assigned a Public IP address. But if multiple devices are using the same router, surely all web requests are sent using the same public IP address? This is where Network Address Translation (NAT) comes into play. When a private IP address makes a request to access data on the Internet, the request is sent to their router. The router recognizes that the request is for the Internet so sends the request out using its own public IP address. The resultant data is sent back to the router using the public IP address. The router recognizes the data is not for itself so translates the public IP address into the private IP address of the requesting device.
  • NIST produces security and cryptography related standards and publishes them as FIPS (Federal Information Processing Standard) documents.
  • A network mask, or netmask, hides the network part of an IP address so that only the host part of the address remains.
  • A Smoothwall product that analyzes and categorizes web content using Real-time content filtering, as well as utilizing "on-box" Blocklists, to provide a powerful web filter, protecting you from inappropriate or illegal content.
  • A Network Interface Card (NIC) provides the network device with a dedicated, permanent connection to the network.
  • A protocol for synchronizing a computer's system clock by querying NTP Servers.
  • A node is an individual part of a network — a printer, a computer, a server, a router, and so on.
  • Also known as manual proxying. This is where the client device, in this instance, the web browser, knows that a Proxy is being used, and so can act accordingly. A great advantage of non-transparent proxying is that malware may not be able to function correctly as it will not have the proxy settings.
  • A suite of Microsoft security protocols that provide authentication, integrity, and confidentiality to users.
  • OAuth is an open protocol for authorization, namely for single sign-on purposes. This allows users to log into web applications using a single account without exposing their password, for example, Google or Facebook accounts.
  • An organizational unit (OU) is an object used to distinguish different departments, sites or teams in your organization.
  • Allows users to access media files such as books and movies, using a P2P software program. These search for other computers connected to a P2P network to locate the desired content.
  • In networking terms, a parent node is a Node in a network that has other nodes branching off it. In Central management, this is the Smoothwall that other Smoothwall appliances connect to, to download their configuration from, and upload their log data to.
  • A widely used Microsoft tunneling standard deemed to be relatively insecure.
  • A popular Certificate format.
  • A key-establishment protocol, used to secure previous VPN communications, should a key currently in use be compromised.
  • Phase 1 of a 2-phase VPN tunnel establishment process. Phase 1 negotiates the security parameter agreement.
  • Phase 2 of a 2-phase VPN tunnel establishment process. Phase 2 uses the agreed parameters from Phase 1 to bring the tunnel up.
  • A program used to verify that a specific IP address can be seen from another.
  • A portable container file format for transporting certificates and private keys.
  • A framework that provides for trusted third party vetting of, and vouching for, user identities; and binding of public keys to users. The public keys are typically held in certificates.
  • Data that has not been encrypted, or Ciphertext that has been decrypted.
  • Used to communicate between two computers via a serial interface such as a telephone line.
  • PPPoE combines the PPP protocol with the network protocol (this is the Ethernet bit), therefore expanding it to support multiple users in a LAN.
  • Contains content filters and, optionally, time settings and authentication requirements, to determine how Smoothwall handles web content and downloads to best protect your users and your organization.
  • This is a protocol used by email clients to download email from a remote server. It should be noted that emails are deleted from the email server as soon as the user has downloaded them.
  • A service connection point on a computer system numerically identified between 0 and 65536. Port 80 is the HTTP port.
  • A Firewall rule that routes traffic from a receiving interface and port combination to another interface and port combination. Port forwarding (sometimes referred to as tunneling) is the act of forwarding a network Port from one network Node to another. This technique can allow an external user to reach a port on a Private IP address (inside a LAN) from the outside via a NAT-enabled router.
  • An authentication mechanism that uses a password exchange and matching process to determine authenticity.
  • A bespoke high-speed, high-capacity, site-to-site network that is installed, leased and managed by a telephone company.
  • Private IP addresses identify devices on a private network. Private IP addresses can be shared by any number of private networks.
  • A secret encryption key known only by its owner. Only the corresponding public key can decrypt messages encrypted using the private key.
  • A formal specification of a means of computer communication.
  • An intermediary server that mediates access to a service.
  • Public IP addresses identify devices on a public network such as the Internet. As such, each public IP address is unique.
  • A publicly available encryption Key that can decrypt messages encrypted by its owner's private key. A public key can be used to send a private message to the public key owner.
  • A free Windows SSH client.
  • In relation to leased lines, QOS is a contractual guarantee of uptime and Bandwidth.
  • RADIUS is a user authentication and accounting protocol.
  • Originally known as Redundant Array of Inexpensive Disks. Data storage technology that combines multiple physical disks into a single point of access. This is typically used for the purposes of data redundancy, performance improvement, or both.
  • A server which can be attached to a LAN to allow dial-up connectivity from other LANs or individual users. RAS has been largely superseded by VPN.
  • The practice of filtering access to websites by analyzing page content and the context of the web request. This analysis is carried out in real-time.
  • A release should contain larger platform changes, whereas an Update should contain bug fixes, new features and product improvements.
  • A representation of a system at a point in time. You can "roll back" to this representation at any time in case of problems, effectively resetting the system.
  • In Smoothwall terms, you use Reverse proxy when you want to make content that sits behind the Smoothwall public, for example, a company website residing on a web server. Rather than exposing the web server to the Internet, you can route web requests for the web server, through the Smoothwall by nominating an internal Interface as the route for that communication. The advantage of doing this is that you can host multiple services behind a single IP address.
  • A routing protocol which helps routers dynamically adapt to changes in network connections by communicating information about which networks each router can reach and how far away those networks are.
  • An individual remote network user, typically a traveling worker "on the road" requiring access to an organization’s network via a laptop. Usually has a Dynamic IP address.
  • In networking terms, a path from one network point to another.
  • A network device that performs traffic redirection for data packets.
  • A table used to provide directions to other networks and hosts.
  • In firewall terminology, rules are used to determine what traffic can move from one network endpoint to another.
  • A Smoothwall feature that can help organizations meet their e-safety legislative responsibilities regarding Internet use.
  • The practice of filtering and blocking specific search terms.
  • A command line interface used to securely access a remote computer.
  • A cryptographic protocol which provides secure communications on the Internet.
  • A Smoothwall product that analyzes and categorizes web content in Real-time content filtering as well as utilizing "on-box" Blocklist to provide a powerful web filter, protecting you from inappropriate or illegal content.
  • A security policy is a collection of procedures, standards and guidelines that state in writing how an organization plans to protect its physical and information technology (IT) assets. It should include password, account and logging policies, administrator and user rights and define what behavior is and is not permitted, by whom and under what circumstances.
  • Typically, a computer that provides shared resources to network users.
  • SNI indicates which hostname is being requested by the user's browser at the beginning of the request. This tells the web server which Certificate to send back. Browsers and servers that support SNI can connect multiple certificates for multiple domains to one IP address and gateway.
  • A protocol for initiating, modifying, and terminating an interactive user session that involves multimedia elements such as video, voice, instant messaging, online games, and virtual reality. Commonly used in VoIP applications.
  • A secure version of FTP that uses SSH.
  • A protocol for sending email messages from one server to another, typically, from the sender's email server to the recipient’s email server.
  • A protocol, implemented on the application layer of the network (layer 7), that enables data gathering from different systems. Enabling this allows the Smoothwall to act as an SNMP agent that gathers and stores all relevant information ready for retrieval by a third-party SNMP management tool.
  • The ability to log-in to multiple computers or servers in a single action by entering a single password, see OAuth.
  • A network connection between two LANs, typically between two business sites. Usually uses a Static IP address.
  • Network Address Translation hides the source IP address in data packets.
  • Flexible tools to allow read-only access, block social gaming or remove inappropriate content from social media sites.
  • A Guardian policy action. The block page is displayed if a user requests access to the website, but they can choose whether to stop at this point or click through.
  • The Smoothwall SWG product, but only where the software has been purchased. This runs on the customer's own hardware.
  • The Smoothwall UTM product, but only where the software has been purchased. This runs on the customer's own hardware.
  • Junk email, usually unsolicited.
  • In Smoothwall terms, spoofing allows upstream proxies to see the originating source IP address of requests, rather than the Smoothwall's IP address.
  • A type of exploit whereby hackers can execute SQL statements via an Internet browser.
  • A high-performance Proxy caching server for web clients.
  • A VPN accessed via HTTPS from any browser (theoretically). VPNs require minimal client configuration.
  • An IP address permanently assigned to that network device.
  • A term given to describe a cryptographic system that uses a Key so long that, in practice, it becomes impossible to break the system within a meaningful time frame.
  • An identifiably separate part of an organization’s network.
  • An intelligent cable junction device that links networks and network hosts together.
  • swurl provides allowing and blocking services to Internet content. URLs to the content can be managed via the user interface.
  • A server used to remotely record logging information.
  • A standard that defines how to establish and maintain a network conversation via which application programs can exchange data. TCP works with IP, together they are the basic rules defining the Internet.
  • The Triple Data Encryption Algorithm (TDEA or Triple DEA), is a symmetric-key block cipher, which applies the DES cipher algorithm three times to each data block. This triple strength version of the DES cryptographic standard, typically, uses a 168-bit key.
  • A tenant is an organization or school. For example, by a multitenant Smoothwall, we mean more than one organization or school using a Smoothwall on-premises appliance.
  • Also known as command line interface. An alternative to the user interface, the terminal is another means of interacting with software, by means of a text interface.
  • The amount of material or items passing through a system or process.
  • A command used to reveal the routing path to Internet hosts, shown as a series of hops from one system to another. A greater number of hops indicates a longer (and therefore slower) connection. Depending on the terminal used, this may be a one-word or two-word command.
  • With this proxy type, clients do not know they are being proxied, therefore special, extra (to Smoothwall) configuration can be skipped. All traffic destined for the Internet is redirected through the proxy. For Smoothwall configurations, the redirect is to Guardian.
  • Also known as VPN. The transmission of data intended for use only within a private network through a public network in such a way that the routing nodes in the public network are unaware that the transmission is part of a private network.
  • Like TCP, UDP is a standard for network conversations. However, there is no error checking, and routes between hosts are not set down.
  • A Smoothwall product that combines the web filtering functionality of the SWG product with Firewall functionality to prevent intrusion and protect your network.
  • A physical device connected to mission-critical systems that provides emergency power should the mains power supply fail.
  • In some network configurations, it may not be the Smoothwall that makes the final connection to the Internet. Clients still proxy through the Smoothwall, but the Smoothwall must forward all or some requests to another web proxy server which makes the final connection to the Internet, referred to as the upstream proxy. For example, in networks where the local authority provides the internet connections for all its schools; each school has their own Smoothwall appliance but must connect to the local authority's web proxy to access the Internet.
  • A unique name by which each user is known to the network.
  • A cut-down version of the Smoothwall administration user interface, where only specific operations are available.
  • A smaller subset of the LAN, which is isolated from other VLANs on the network, effectively creating a "LAN within a LAN". This allows network administrators to logically divide the network into manageable groups without the need for extra equipment. Devices in one VLAN cannot see devices, or their traffic, in another VLAN. For example, schools may create a VLAN for staff and another for students; hotels can create separate VLANs for each guest and conference room.
  • A virtual link between two networks, connecting between the two using one or more other networks. A VPN allows clients on the two networks to communicate as if the networks were directly connected.
  • An endpoint used to establish, manage and control VPN connections.
  • VoIP is the methodology and technology for delivering voice communications over IP networks, typically the Internet. This has been expanded to include multimedia sessions as well.
  • The access point (AP) or wireless access point (WAP) is a networking device that allows a wireless device, such as a smartphone or tablet, to connect to a wired network. Typically, the AP connects to the wired network via a Router but can be an integral component of the router itself.
  • WCCP is a Cisco-developed content-routing protocol that provides a mechanism to redirect traffic flows in real-time. When enabled in the Smoothwall, it broadcasts its availability to WCCP-compatible routers, advising that web traffic can be redirected to it.
  • A filter is a collection of categories containing URLs, domains, phrases, lists of file types and replacement rules. Filters are used in policies to determine if a user should be allowed access to requested information or files using their web browser. Guardian is Smoothwall's web filter.
  • A Proxy that mediates access to the Internet.
  • A collection of domains, URLs, and websites that users can browse straight to without authentication or interception.
  • A command used to display ownership information for an IP address or domain name.
  • An authentication method that uses the exchange of Certificate Authority-issued certificates to guarantee authenticity.