802.1p
802.1Q
|
802.1Q defines a layer 2 frame structure that supports VLAN identification and a QOS mechanism sometimes referred to as 802.1p, but the content of 802.1p is now incorporated in 802.1D.
|
ACP
|
Avaya Call Processing, a generic internal name for the server software marketed under names that change too often to keep track of, including Avaya Communication Manager, MultiVantageTM, and DEFINITY®; also affectionately known internally as “The Wad”.
|
AEC
|
Acoustic Echo Cancellation, a signal processing technique that significantly reduces the coupling of a received audio signal back into an active microphone.
|
ANSI
|
American National Standards Institute
|
application-specific
|
Specific to a particular “application” running inside the telephone. For example, configuration file downloading, backup and restore of user data, HTTP push, and the web browser are all internal applications that use the HTTP protocol (the term does not include individual web-page-based “applications” rendered in the web browser). Similarly, the RTCP and CNA clients are internal applications that can invoke traceroute.
|
ARP
|
Address Resolution Protocol, IETF STD 37: RFC 826 [7.3-16], used to determine the MAC address of an endpoint for which the IP address is known.
|
ASCII
|
American Standard Code for Information Interchange, ANSI standard X.3.4.
|
CA
|
Certificate Authority; the entity which issues digital certificates for use by other parties.
|
CNA
|
Converged Network Analyzer, an Avaya network management tool formerly known internally as Chatter (see 96x1H-IPI.5.1.920).
|
COMPAS
|
A document control system developed and maintained by Avaya Labs.
|
DCP
|
Digital Communications Protocol, a proprietary digital telephone interface used on DEFINITY®
|
Diffie-Hellman key exchange
|
A key agreement algorithm based on the use of two public parameters p and g that may be used by all users in a system. Parameter p is a prime number and parameter g (usually called a generator) is an integer less than p, with the following property:
For every number n between 1 and p-1 inclusive, there is a power k of g such that n = gk mod p.
The protocol depends on the discrete logarithm problem for its security, which assumes that it is computationally infeasible to calculate the shared secret key k = gab mod p given the two public values ga mod p and gb mod p when the prime p is sufficiently large.
|
DH Group
|
A number that determines the public parameters used by the Diffie-Hellman key exchange. To successfully establish a shared secret key, the same DH group must be used by both parties.
|
DHCP
|
Dynamic Host Configuration Protocol, an IETF protocol, RFCs 2131 and 2132, used to automate IP address allocation and management.
|
DiffServ
|
An IP-based QoS mechanism defined in RFCs 2474 and 2475.
|
Digital Certificate
|
The digital equivalent of an ID card used in conjunction with a public key encryption system. Digital certificates are issued by a trusted third party known as a "Certificate Authority" (CA) such as VeriSign (www.verisign.com). The CA verifies that a public key belongs to a specific company or individual (the "Subject"), and the validation process it goes through to determine if the subject is who it claims to be depends on the level of certification and the CA itself.
|
digital signature
|
A digital signature is an encrypted digest of the file (message, document, driver, program) being signed. The digest is computed from the contents of the file by a one-way hash function such as MD5 or SHA-1 and then encrypted with the private part of a public/private key pair. To prove that the file was not tampered with, the recipient uses the public key to decrypt the signature back into the original digest, recomputes a new digest from the transmitted file and compares the two to see if they match. If they do, the file has not been altered in transit by an attacker.
|
DNS
|
Domain Name System, a hierarchical network naming scheme. DNS servers provide a mapping of domain names to IP addresses.
|
DTMF
|
Dual-Tone Multi-Frequency, the “touch-tones” used for in-band telephone signaling.
|
FIPS
|
Federal Information Processing Standards, issued by NIST (National Institute of Standards and Technology, formerly the National Bureau of Standards, part of the U.S. Department of Commerce).
|
HTML
|
Hypertext Markup Language, the syntax used to format pages for the World Wide Web.
|
HTTP
|
Hypertext Transfer Protocol, a file transfer protocol primarily used to request and transmit pages on the World Wide Web, IETF RFC 2616.
|
ICMP
|
Internet Control Message Protocol, IETF STD 5: RFC 792.
|
IGMP
|
Internet Group Multicasting Protocol, IETF STD 5: RFC 1112.
|
IEC
|
International Electrotechnical Commission
|
IEEE
|
Institute of Electrical and Electronics Engineers, an organization that, among other things, produces standards applicable to LAN equipment.
|
IETF
|
Internet Engineering Task Force, the organization that produces standards for communications on the Internet.
|
IKE
|
Internet Key Exchange Protocol, RFC 2409, which has been obsoleted by IKEv2 in RFC 4306.
|
IPsec
|
A security mechanism for IP that provides encryption, integrity assurance, and authentication of data.
|
IP
|
Internet Protocol, a network-layer protocol used on LANs and internets, IETF STD 5: RFC 791.
|
ISAKMP
|
Internet Security Association and Key Management Protocol, RFC 2408, which has been obsoleted by IKEv2 in RFC 4306, defines the procedures for authenticating a communicating peer, creation and management of security associations, key generation techniques, and threat mitigation e.g. Denial of service and Replay Attacks. ISAKMP defines two phases of negotiation. During Phase 1 negotiation, two entities establish an ISAKMP SA, which is used to protect Phase 2 negotiations, in which SAs are established for other protocols.
|
ISO
|
International Standards Organization, the standards body responsible for the ISO 9000-series quality standards and the ISO 14000-series environmental management standards.
|
ITU-T
|
International Telecommunication Union – Telecommunication Standardization Sector (formerly CCITT) the sector of the ITU that produces recommendations (standards) for telecommunications.
|
LAN
|
Local Area Network
|
MAC
|
Media Access Control, low-level procedures that determine how devices physically access and share a LAN.
|
MIB
|
Management Information Base, a data structure used by SNMP to represent information about a managed entity.
|
MODP
|
Modular Exponential, used in RFC 3526 to describe groups used for Diffie-Hellman key exchange.
|
MR
|
Modification Request, a formal request to modify something under change control.
|
NAT
|
Network Address Translation, a mechanism by which IP addresses are mapped from one address space to another, and in which UDP and TCP port numbers may be remapped to allow multiple devices to share the same IP address without port number conflicts.
|
Oakley
|
OAKLEY Key Determination Protocol, RFC 2412, describes a series of key exchanges (called “modes”) and details the services provided by each, e.g. perfect forward secrecy for keys, identity protection, and authentication.
|
OUI
|
Organizationally Unique Identifier, the first three octets of a MAC address. For a list of OUIs used by Avaya IP telephones, see the Host Name option in 96x1H-IPI.5.1.604.
|
PFS
|
Perfect Forward Secrecy (see Sections 3.3 and 8 in IETF RFC 2409).
|
QOS or QoS
|
Quality of Service, used to refer to a number of mechanisms intended to improve audio quality over packet-based networks.
|
Refresh / Rekey
|
Use IKE to create a new SA with a new SPI (see Sections 4.4.3 and 4.6.2 in IETF RFC 2401).
|
RFC
|
Request For Comments, a type of document produced by the IETF.
|
R/FS
|
Requirements/Feature Specification, a document that contains detailed requirements and specifications for a product or product line.
|
RSA
|
Rivest-Shamir-Adleman; a highly secure asymmetric cryptography method developed by RSA Security, Inc. that uses a public/private key pair. The private key is kept secret by the owner and the public key is published, usually in a digital certificate. Data is encrypted using the recipient's public key, which can only be decrypted by the recipient's private key. RSA is very computation intensive, thus it is often used to encrypt a symmetric session key that is then used by a less computationally-intensive algorithm to encrypt protocol data during a “session”. RSA can also be used for authentication by creating a digital signature, for which the sender's private key is used for encryption, and the sender's public key is used for decryption.
|
RTCP
|
Real-time Transport Control Protocol, IETF RFC 3550.
|
RTP
|
Real-time Transport Protocol, IETF RFC 3550.
|
SA
|
Security Association, a security protocol (e.g., IPSEC, TLS) and a specific set of parameters that completely define the services and mechanism necessary to protect security at that security protocol location. These parameters can include algorithm identifiers, modes, cryptographic keys, etc. The SA is referred to by its associated security protocol (for example “ISAKMP SA”, “ESP SA”, “TLS SA”).
|
SCEP
|
Simple Certificate Enrollment Protocol, used to obtain a unique identity certificate.
|
SNMP
|
Simple Network Management Protocol, IETF STD 15 (RFC 1157) and RFCs 1441, 1905 and 1906.
|
SNTP
|
Simple Network Time Protocol, IETF RFC 2030.
|
SPD
|
Security Policy Database. Specifies the policies that determine the disposition of all IP traffic inbound or outbound from a host or security gateway IPsec implementation.
|
SPI
|
Security Parameter Index. An identifier for a Security Association, relative to some security protocol. Each security protocol has its own “SPI-space”.
|
SRTCP
|
Secure Real-time Transport Control Protocol, IETF RFC 3711
|
SRTP
|
Secure Real-time Transport Protocol, IETF RFC 3711
|
SSL
|
Secure Sockets Layer, a protocol designed by Netscape Communications Corporation that can provide authentication and encryption for HTTP connections.
|
TCP
|
Transmission Control Protocol, a connection-oriented transport-layer protocol, IETF STD 7: RFC 793.
|
TLS
|
Transport Layer Security, IETF RFC 2246, a protocol that can provide authentication and encryption for TCP connections, based on SSL.
|
TOS
|
Type Of Service, one of the fields in an IP packet header, also used by DiffServ.
|
UDP
|
User Datagram Protocol, a connectionless transport-layer protocol, IETF STD 6: RFC 768.
|
URI
URL
|
Uniform Resource Identifier and Uniform Resource Locator, both names for the strings used to reference resources on the Internet (e.g., http://…). URI is the newer term used by the HTTP 1.1 and XML specifications.
|
VLAN
|
Virtual LAN, a term used for networks whose traffic can be segregated independent of physical LAN connectivity. 802.1Q framing can support VLAN operation.
|
VoIP
|
Voice over IP, a technology for degrading audio quality by transporting it on packet data networks.
|
VPN
|
Virtual Private Network; a private network constructed across a public network such as the Internet. A VPN can be made secure, even though it is using existing Internet connections to carry data communication. Security measures involve encrypting data before sending it across the Internet and decrypting the data at the other end. An additional level of security can be added by encrypting the originating and receiving network address
|
