Computer Security – Definitions
Application-Proxy Gateway Firewall: An advanced firewall that combines lower layer access control with upper layer functionality, and includes a proxy agent that acts as an intermediary between two hosts that wish to communicate with each other.
Boundary Router: A router located at the organization’s boundary with an untrusted external network. In the context of this document, a boundary router is configured to be a packet filter firewall.
Circuit-Level Gateway: A form of proxy that validates each connection before it is established, in much the same manner as stateful inspection.
Dedicated Proxy Server: A form of proxy that does not have firewalling capabilities.
Demilitarized Zone (DMZ): An interface on a routing firewall leading to a protected network that is different from the main network protected by the firewall. Traffic bound for the DMZ still goes through the firewall, and can have the firewall’s protection policies applied.
Deny by Default: To block all inbound and outbound traffic that has not been expressly permitted by firewall policy.
Distributed Firewalling: Moving firewall capabilities from the network perimeter to device endpoints, such as placing a firewall in or directly in front of every endpoint and other appropriate devices in the network.
Egress Filtering: Filtering of outgoing network traffic.
Firewall: A device or program that controls the flow of network traffic between networks or hosts employing differing security postures.
Firewall Platform: The system device upon which a firewall is implemented. An example is a commercial operating system running on a personal computer.
Host-Based Firewall: A software-based firewall installed on a server to monitor and control its incoming and outgoing network traffic.
Ingress Filtering: Filtering of incoming network traffic.
Intranet: A network that employs services, applications, and protocols similar to those present in an Internet implementation, but without involving external connectivity. This allows data to be shared within the organization without private information being made available to individuals outside the intranet.
Malware: A program that is inserted into a system, usually covertly, with the intent of compromising the confidentiality, integrity, or availability of a victim’s data, applications, or operating system, or otherwise annoying or disrupting the victim.
Network Address Translation (NAT): Used to hide internal system addresses from an external network through use of an addressing schema.
Packet Filter Firewall: A routing device that includes access control functionality for host addresses and communication sessions.
Personal Firewall: A software-based firewall installed on a desktop or laptop computer to monitor and control its incoming and outgoing network traffic.
Personal Firewall Appliance: A device that performs functions similar to a personal firewall for a group of computers on a home network.
Proxy Agent: A software application running on a firewall or on a dedicated proxy server that is capable of filtering a protocol and routing it between the interfaces of the device.
Ruleset: A set of directives that govern the access control functionality of a firewall. The firewall uses these directives to determine how packets should be routed between its interfaces.
Stateful Inspection Firewall: A firewall that can filter packets, track the state of connections, and block packets that deviate from the expected state.
Stateful Protocol Analysis Firewall: A stateful inspection firewall that includes an inspection engine able to analyze protocols at the network, transport, and application layers.
No Responses to “Computer Security – Definitions”
Very interesting article. I wait to read more about this subject.
interesting post
a very good article about Computer Security – Definitions