CIS 170F: Windows 7 Administration

Week 11

Key Terms

analog
Information transmitted in a continuously variable form. Phone systems are an example of an information system that uses analog data.
authentication protocols
Routines used by servers to establish the identity of a remote client attempting to connect and communicate with the server.
BranchCache
Technology that allows user data from the corporate data center to be buffered on branch servers or workstations for local client use. Local clients can access cached data instead of retrieving it over the WAN again.
certificate
Digital information that describes the identity of a user or computer. A user or computer can inspect the certificate and decide if its validity can be trusted. Certificates are issued by special servers called Certification Authorities (CA). If a user or computer trusts a CA, then they typically trust the certificates issued by the CA.
Challenge-Handshake Authentication Protocol (CHAP)
A more secure authentication protocol than PAP. CHAP is used to periodically verify the client's identity without sending the actual password over the client and server data stream. CHAP passwords are simple by design and do not support strong security methods. This presents a security risk and therefore this authentication protocol is discouraged unless the risk from communication eavesdropping is considered low.
DirectAccess
A replacement for VPN access to corporate intranet data sources and applications utilizing bidirectional IPv6 communication with a specialized DirectAccess server. Workstations and users connect separately, allowing corporate IT administrators to manage both.
Extensible Authentication Protocol (EAP)
A modular standard for defining authentication protocols that can be used to validate a computer or user. A product developer can introduce a custom authentication protocol for their product if it is not already included with Windows 7. EAP is available as an authentication standard with dial-up, VPN, and wireless connections.
hotspot
A geographic area where a Wi-Fi wireless signal from a Wireless Access Point is available to wireless networking clients to enable network and/or Internet access.
HyperText Transport Protocol Secure (HTTPS)
An application protocol commonly used to transfer TCP data in a secured session between a client and server. Because this is a common protocol used with Web servers, many firewalls allow this protocol to pass without blocking it.
IKEv2 Mobility and Multihoming Protocol (MOBIKE)
A protocol designed to work together with IKEv2 to allow a host involved in a secure IKEv2-initiated SA to change its IP address, switch to a different network interface, or recover from a network outage.
Integrated Service Digital Network (ISDN)
A direct, digital dial-up connection to a PSTN that operates at 64 KB per channel over regular twisted-pair cable between a subscriber and the PSTN office.
Internet Key Exchange version 2 (IKEv2)
An authentication protocol that verifies the identity of both the client and server to each other. Once the identity of both sides is established, one or more IPSec-based SAs are established between them for data transfer. IKEv2 is considered a strong authentication protocol.
IP-HTTPS
A protocol that allows a secure IP tunnel to be established with a secure HTTP connection for the purpose of transporting IPv6 packets. An IP-HTTPS client must initiate a connection to a configured IP-HTTPS server. The connection between client and server is not likely to be stopped by a firewall because the HTTPS protocol is not commonly blocked.
IPSec
A protocol that is used to secure and authenticate IP connections.
Layer 2 Tunneling Protocol (L2TP)
A protocol used to carry PPP packets through IP networks.
MOBIKE
See IKEv2 Mobility and Multihoming Protocol.
MS-CHAP-v1&2
A Microsoft version of the Challenge-Handshake Authentication Protocol (CHAP). MS-CHAP-v1 adds features to change the password during a session, as well as limit authentication retries, between a client and server. MS-CHAP-v2 adds the ability for both sides to confirm each other's identity instead of just the server confirming the client's identity.
Password Authentication Protocol (PAP)
A simple authentication method that establishes the identity of a remote client with the authentication password sent in the data stream between the client and server. This presents a security risk and therefore this authentication protocol is discouraged unless the risk from communication eavesdropping is considered low.
Plain Old Telephone System (POTS)
See Public Switched Telephone Network (PSTN).
Point-to-Point Protocol (PPP)
A network-layer transport protocol that manages connectivity over serial or modem lines. PPP can negotiate any transport protocol used by both systems involved in the link and can automatically assign TCP/IP settings.
Point-to-Point Tunneling Protocol (PPTP)
A protocol used to carry PPP packets through IP networks.
Protected Extensible Authentication Protocol (PEAP)
An enhancement of EAP that encrypts the entire EAP process. This protects all EAP communication before authentication is performed.
Public Switched Telephone Network (PSTN)
Provides a connection to subscribers for dial-up devices such as analog or ISDN modems. Originally developed to connect telephones and allow people to make analog phone calls.
remote access
A system where clients are able to remotely connect to a network and access resources as though the remote client is connected directly to the network.
remote control
A system where clients are able to remotely connect to a server to run applications and access data. Applications and files are accessed at the server and only screen drawing commands are sent back to the client.
Remote Desktop Protocol (RDP)
A protocol used to carry remote control data between the remote control client and the remotely controlled computer.
Remote Desktop (RD)
Terminal Services has been rebranded as Remote Desktop Services in Windows Server 2008 R2.
Routing and Remote Access (RRAS)
A service installed and configured on Windows Server 2003 to allow remote clients and networks to connect to network services local to the server. The Routing and Remote Access service must be configured to support VPN connections, dial-up connections, and routed IP traffic from routers.
Secure Socket Tunneling Protocol (SSTP)
A protocol that allows secure communication between a VPN client and server using the SSL-based encryption methods of HTTPS. The connection between client and server is not likely to be stopped by a firewall because the HTTPS protocol is not commonly blocked.
Security Association (SA)
A connection established between two computers for the purpose of securely exchanging data. The connection is only allowed if both sides of the connection know how to find each other on the network, agree on how to authenticate their identities, and agree on how to encrypt and decrypt the data sent between them. Any aspect of the SA connection may be renegotiated periodically to ensure that the other side of the connection is still a valid communication partner.
Serial Line IP (SLIP)
An implementation of the IP protocol over serial lines. SLIP has been made obsolete by PPP.
smart card
A small physical card that contains a processor and memory. The processor is capable of interacting with a computer into which the card is plugged. The most common use of a smart card is to store and validate personal security credentials for a computer or user. The smart card can be physically removed and stored in a small space, such as a wallet.
Terminal Services (TS)
A service that can be installed on a computer running a server-based operating system. Depending on licensing limits, multiple users can connect to the Terminal Server and run applications on the Terminal Server using only a remote control client. Each remote user is unaware that other users are also remote controlling applications on the Terminal Server.
virtual private network (VPN)
A remote access technology that creates an encrypted tunnel for communication between the VPN client and a remote access server. VPN connections are commonly used over the Internet to secure communication when accessing office data from home.
Wide Area Network (WAN)
A geographically dispersed network connected by routers and communication links. The Internet is the largest WAN.
X.25
A networking technology standard that defines packet switching networks used for WAN connectivity.