Cisco ASA 5505 User Manual
Page 1942
Glossary
GL-4
Cisco ASA 5500 Series Configuration Guide using the CLI
Content
Rewriting/Transfor
mation
Interprets and modifies applications so that they render correctly over a clientless SSL VPN
connection.
cookie
A cookie is a object stored by a browser. Cookies contain information, such as user preferences, to
persistent storage.
CPU
Central Processing Unit. Main processor.
CRC
Cyclical Redundancy Check. Error-checking technique in which the frame recipient calculates a
remainder by dividing frame contents by a prime binary divisor and compares the calculated remainder
to a value stored in the frame by the sending node.
CRL
Certificate Revocation List. A digitally signed message that lists all of the current but revoked
certificates listed by a given
. A CRL is analogous to a book of stolen charge card numbers that
allow stores to reject bad credit cards. When certificates are revoked, they are added to a CRL. When
you implement authentication using certificates, you can choose to use CRLs or not. Using CRLs lets
you easily revoke certificates before they expire, but the CRL is generally only maintained by the
or an
. If you are using CRLs and the connection to the
is not available when
authentication is requested, the authentication request will fail. See also
.
CRV
Call Reference Value. Used by
to distinguish call legs signaled between two entities.
cryptography
Encryption, authentication, integrity, keys and other services used for secure communication over
networks. See also
and
crypto map
A data structure with a unique name and sequence number that is used for configuring VPNs on the
ASA. A crypto map selects data flows that need security processing and defines the policy for these
flows and the crypto peer that traffic needs to go to. A crypto map is applied to an interface. Crypto
maps contain the
s, encryption standards, peers, and other parameters necessary to specify security
policies for
and
. See also
CTIQBE
Computer Telephony Interface Quick Buffer Encoding. A protocol used in IP telephony between the
Cisco CallManager and CTI
applications. CTIQBE is used by the TAPI/JTAPI
protocol inspection module and supports
, and bidirectional
. This protocol enables
Cisco IP SoftPhone and other Cisco TAPI/JTAPI applications to communicate with Cisco CallManager
for call setup and voice traffic across the ASA.
cut-through proxy
Enables the ASA to provide faster traffic flow after user authentication. The cut-through proxy
challenges a user initially at the application layer. After the security appliance authenticates the user,
it shifts the session flow and all traffic flows directly and quickly between the source and destination
while maintaining session state information.
D
data confidentiality
Describes any method that manipulates data so that no attacker can read it. This is commonly achieved
by data encryption and
s that are only available to the parties involved in the communication.
data integrity
Describes mechanisms that, through the use of encryption based on
algorithms, allow the recipient of a piece of protected data to verify that the data has not been modified
in transit.