Network Security Glossary
A list of frequently used terms
This glossary contains a list of terms, abbreviations, and acronyms frequently used when discussing networks, security, firewalls, and WatchGuard products.
I
- IANA (Internet Assigned Number Authority)
- The central authority charged with assigning parameter values (numbers) to Internet protocols. For example, IANA controls the assignment of well-known TCP/IP port numbers. Currently IANA manages port numbers 1 through 1023.
- ICANN (Internet Corporation for Assigned Names and Numbers)
- A non-profit, private-sector corporation formed by a broad coalition of the Internet's business, technical, academic, and user communities. ICANN has been recognized by the U.S. and other governments as the global consensus entity to coordinate the technical management of the Internet's domain name system, the allocation of IP address space, the assignment of protocol parameters, and the management of the root server system.
- ICMP (Internet Control Message Protocol)
- A protocol used to pass control and error messages back and forth between nodes on the Internet. Perhaps the most used ICMP command is ping.
- identity certificate
- A signed statement that binds a public encryption key to the name of an individual and therefore delegates authority from that individual to the public key. Any message encrypted with that person's public key can then be regarded as being from that person.
- IDS (Intrusion Detection System)
- A class of networking products devoted to detecting attacks from hackers. Network-based intrusion detection systems examine the traffic on a network for signs of unauthorized access or attacks in progress, while host-based systems look at processes running on a local machine for activity an administrator has defined as "bad."
- IEEE (Institute of Electrical and Electronics Engineers)
- Pronounced "eye-triple-E." An organization of engineers, scientists, and students who issue standards related to electrical, electronic, and computer engineering. For example, IEEE developed the standards for using Ethernet, token ring, and WiFi.
- IETF (Internet Engineering Task Force)
- A large, open international community of network designers, operators, vendors, and researchers concerned with the evolution of the Internet architecture and the smooth operation of the Internet. IANA is chartered by one of the IETF's working groups.
- IKE (Internet Key Exchange)
- A standard proposed in RFC 2409 used with IPSec virtual private networks (VPNs) for automating the process of negotiating encryption keys, changing keys, and determining when to change keys. IKE first mutually authenticates the two endpoints that plan to set up IPSec tunnels between them; then the endpoints can establish mutually agreed-upon security parameters. For more, see IPSec and VPN.
- initialization vector
- A block of arbitrary data that serves as the starting point for a block cipher like Triple-DES.
See also cipher block chaining.
- initialize
- To prepare (a disk) for information storage.
- installation wizard
- A software tool specifically designed to guide a user through the process of installing a new application.
- integrity; data integrity
- The concept that you can discern whether data is in the condition its authors or owners intend it to be, and that it has not been modified by unauthorized persons during storage or transmittal.
- interface
- A boundary across which two independent systems meet and act on or communicate with each other. The term sometimes refers to the wires, plugs, and sockets that hardware devices use to communicate with each other. Other times, it refers to the style in which a software program receives and responds to user input; for example, command line interface or graphical user interface.
- Internet address class
- Historically, to efficiently administer the whole range of possible 32-bit IP addresses, the addresses were separated into three classes that describe networks of varying sizes:
- Class A - If the first octet of an IP address is less than 128, it is a Class A address. A network with a Class A address can have up to about 16 million hosts.
Example: 64.64.10.1.
- Class B - If the first octet of an IP address is from 128 to 191, it is a Class B address. A network with a Class B address can have up to 64,000 hosts.
Example: 155.155.24.301.
- Class C - If the first octet of an IP address is from 192 to 223, it is a Class C address. A network with a Class C address can have up to 254 hosts.
Example: 192.168.14.4.
- Modern addressing techniques favor classless routing, rendering these class categorizations less and less relevant. For a full discussion of the topic, see the following LiveSecurity editorials from the Foundations series: "Understanding IP Addresses and Binary," "Understanding Subnetting (Part 1)," and "Understanding Subnetting (Part 2)." For a briefer treatment, see network address.
- Internet Engineering Task Force
- See IETF.
- intranet
- A self-contained network with a limited number of participants who extend limited trust to one another in order to accomplish an agreed-upon goal. For example, a manufacturer and its key vendors might create an intranet to facilitate managing the process of turning raw materials into finished products.
- Intrusion Detection System
- See IDS.
- IP (Internet Protocol)
- A fundamental set of detailed specifications that controls how data packets are formatted and how they move from one networked computer to another.
- IP address
- An understanding of IP addresses is foundational for managing a network, so we go into some depth with this definition.
- In short, an IP address is a numeric identifier that represents a computer or device on a TCP/IP network. The devices on the network rely on the address in order to know where to route data.
- The format of an IP address is a 32-bit number divided into four 8-bit segments, separated by periods. The four segments, called octets, can be represented in binary notation (ones and zeros, the basic building blocks of all software) like this: 11010000.10001100.00100011.00000010. Because writing so many ones and zeros is inefficient and laborious for humans, IP addresses are usually converted to decimal notation when written out (but remember, the machines always understand them as ones and zeros). For example, the same binary address above, expressed in decimal, is 208.140.35.2. In decimal notation, no octet can have a value greater than 255. This is because binary requires 9 ones and zeros to express a number greater than 255, and the rules for IP addresses only allow 8.
- Some portion of any IP address designates a network, and the remaining portion of the address designates a specific device on that network. For more information, see network address, Internet address class, and subnet mask. You can also read the LiveSecurity editorial, "Foundations: Understanding IP Addresses and Binary."
- IP fragment
- A formatted portion of data that is part of a larger IP packet. IP fragments are typically used when an IP packet is too large for the physical media that the data must cross. For example, the IP standard for Ethernet limits IP packets to about 1,500 bytes, but the maximum IP packet size is 65,536 bytes. To send packets larger than 1,500 bytes over an Ethernet, IP fragments must be used.
- IP masquerading
- See NAT.
- IP options
- Extensions to the Internet Protocol used mainly for debugging and for special applications on local networks. In general, there are no legitimate uses of IP options over an Internet connection.
- IP options attack
- A method of gaining unauthorized network access by utilizing IP options.
- IPSec (Internet Protocol Security)
- An open-standard methodology of exchanging data over the public Internet while protecting the data from prying eyes as it travels from the originator to the recipient. IPSec provides encryption and authentication options to maximize the confidentiality of data transmissions, employing cryptographic protocols in conjunction with IKE and ISAKMP. The IETF chartered the IPSec work group to provide cryptographic security services that will flexibly support combinations of authentication, integrity, access control, and confidentiality. IPSec standards are commonly employed when establishing a VPN.
- IP spoofing
- The act of inserting a false (but ordinary-seeming) sender IP address into the "From" field of an Internet transmission's header in order to hide the actual origin of the transmission. There are few, if any, legitimate reasons to perform IP spoofing; the technique is usually one aspect of an attack.
- ISAKMP (Internet Security Association Key Management Protocol)
- A set of specifications defined in RFC 2408 and used in close conjunction with IPSec. Defines the procedures for authenticating, creating and managing security associations, generating keys, and using digital certificates when establishing VPN connections.
- ISO (International Organization for Standardization)
- An international organization composed of national standards bodies from over 75 countries. For example, ANSI (American National Standards Institute) is a member of ISO. ISO has defined a number of important computer standards, the most significant of which is perhaps OSI (Open Systems Interconnection), a standardized architecture for designing networks.
- ISP (Internet service provider)
- A business that sells access to the Internet. A government bureau or an educational institution may be the ISP for some organizations.
- ITU-T (International Telecommunication Union-Telecommunication)
- Formerly the CCITT (Consultative Committee for International Telegraph and Telephone), a worldwide telecommunications technology standards organization. Just as IETF and ICANN propose and maintain standards for the Internet, ITU-T proposes and establishes standards for international telephony.
- IV
- See initialization vector.
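
The IP address and Internet address class entries above describe the dotted-decimal format, the 255 ceiling on each octet, and the historical class ranges. The following is an added example, not part of the original glossary or of any WatchGuard code, that validates an address strictly and reports its binary form and class. The function names are hypothetical, and rejecting leading zeros is an added assumption (some parsers read them as octal).

```python
# Added example; function names are hypothetical, sample inputs come from the glossary.

def parse_ipv4(text):
    """Return the four octets of a dotted-decimal address or raise ValueError."""
    parts = text.split(".")
    if len(parts) != 4:
        raise ValueError(f"expected 4 octets, got {len(parts)}")
    octets = []
    for part in parts:
        # ASCII digits only: rejects empty fields, signs, spaces, hex prefixes.
        if not (part.isascii() and part.isdigit()):
            raise ValueError(f"non-numeric octet {part!r}")
        # Assumption: refuse leading zeros, which some parsers read as octal.
        if len(part) > 1 and part[0] == "0":
            raise ValueError(f"leading zero in octet {part!r}")
        value = int(part)
        if value > 255:  # an octet is 8 bits, so 255 is the ceiling
            raise ValueError(f"octet {value} exceeds 255")
        octets.append(value)
    return tuple(octets)

def to_binary(octets):
    """Render octets as four 8-bit binary fields."""
    return ".".join(f"{o:08b}" for o in octets)

def address_class(octets):
    """Historical class from the first octet; None outside the three ranges."""
    first = octets[0]
    if first < 128:
        return "A"
    if first <= 191:
        return "B"
    if first <= 223:
        return "C"
    return None

def describe(text):
    """Validate one address and summarise it without raising."""
    try:
        octets = parse_ipv4(text)
    except ValueError as exc:
        return {"address": text, "valid": False, "error": str(exc)}
    return {"address": text, "valid": True,
            "binary": to_binary(octets), "class": address_class(octets)}

if __name__ == "__main__":
    for sample in ("208.140.35.2", "64.64.10.1", "192.168.14.4", "155.155.24.301"):
        print(describe(sample))
```

An address whose last octet is 301 is reported as invalid, because 301 does not fit in 8 bits.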