Glossary

The following are terms used to describe important elements in the operation of Engedi's products:

• NOC = A network operations center (NOC) is a place from which a telecommunications network  is supervised, monitored, and maintained. Large enterprises with large networks as well as large network service providers typically have a network operations center, a room containing visualizations of the network or networks that are being monitored, workstations at which the detailed status of the network can be seen, and the necessary software to manage the networks. The network operations center is the focal point for network troubleshooting, software distribution and updating, router and domain name management, performance monitoring, and coordination with affiliated networks.

• Key2 Secure Remote Management™ = Secure Remote Management is patented technology for access to and management of remote network devices. Used by network administrators for secure management access to network devices, SRM provides a back-up communication path, encrypted management traffic, and centralized access control.

• Key2 Control = multi-party authorization software from Engedi. Used to pro-actively protect networks and data from the undesireable act by the inexperienced or malicious insider.

• Gateway Router = a router at the NOC configured to act as the “gateway” to an SRM™ enabled device.  A Cisco router or VPN concentrator can be configured to act as the NOC "Gateway" router connected to an SRM™ enabled deivce.

• In-band  = the primary communication path used by the Key2 SRM. Typically it is the production network used to also carry network traffic.

• Out of Band = (OoB) is the secondary, or back-up, communication path used by Key2 SRM™ when the in-band path becomes unavailable.

• IPSec = Short for IP Sec urity, a set of protocols developed by the IETF to support secure exchange of packets at the IP layer. IPsec has been deployed widely to implement Virtual Private Networks (VPNs)

• PSTN = public switched telephone network. which refers to the international telephone system based on copper wires carrying analog voice data. This is in contrast to newer telephone networks base on digital technologies, such as ISDN and FDDI.

• POTS  = Short for plain old telephone s ervice, which refers to the standard telephone service that most homes use. In contrast, telephone services based on high-speed, digital communications lines, such as ISDN and FDDI, are not POTS. The main distinctions between POTS and non-POTS services are speed and bandwidth. POTS is generally restricted to about 52 Kbps (52,000 bits per second).

• SCADA  (Supervisory Control And Data Acquisition) is software for process control.  It gathers data in real time from remote locations in order to control equipment and conditions. SCADA is used in power plants as well as in oil and gas refining, telecommunications, transportation, and water and waste control.

• VPN = Short for v irtual p rivate network, a network that is constructed by using public wires to connect nodes. For example, there are a number of systems that enable you to create networks using the Internet as the medium for transporting data. These systems use encryption and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.

• TACACS = Short for T erminal Access Controller A ccess Control System, an authentication protocol that was commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access to the network.

• RADIUS  = Remote Authentication Dial-In User Service (RADIUS) is a client/server   protocol  and software that enables remote access servers to communicate with a central server to authenticate dial-in users and authorize their access to the requested system or service. RADIUS allows a company to maintain user profiles in a central database  that all remote servers can share. It provides better security, allowing a company to set up a policy that can be applied at a single administered network point. Having a central service also means that it's easier to track usage for billing and for keeping network statistics.

• LDAP  = LDAP (Lightweight Directory Access Protocol) is a software protocol  for enabling anyone to locate organizations, individuals, and other resources such as files and devices in a network, whether on the public Internet or on a corporate intranet . LDAP is a "lightweight" (smaller amount of code) version of Directory Access Protocol (DAP), which is part of X.500, a standard for directory  services in a network. LDAP is lighter because in its initial version it did not include security features.

• Multi-Party Authorization - requires a second authenticated and authorized user approve of an action before it is allowed to take place in the network. MPA is used to pro-actively protect networks, records and control systems from the malicious insider or the inexperienced insider. It is complimentary to, but distinct from, the more widely known multi-factor authentication that employs more than one means, or factors, to authenticate an entity seeking access to the network. MPA compliments multi-factor authentication. MPA permits system administrators to implement policy that requires more than one authenticated and authorized entity approve of an action before it can be executed. MPA is pro-active protection from the malicious insider. Engedi has implemented patented MPA with their Key2 Control software. See Key2 Control.

• Key2 Technology™ (K2t)™ are patented and patent pending network security technologies from Engedi. It is the brand under which the products are marketed. The Key2 technologies include patented Key2 Secure Remote Management ™ and the patented Key2 Control software™.

For additional network terms see:

- Whatis.com

- Webopedia