Multi-Tech Systems RF660 User Manual

Page 182


Glossary

Multi-Tech Systems, Inc. RouteFinderVPN RF760/660/600VPN User Guide (PN S000323D)


Policy – The purpose of an IPSec Security Policy is to define how an organization is going to protect itself. The policy will generally require two parts: a general policy and specific rules (e.g., a system-specific policy). The general policy sets the overall approach to Security. The rules define what is and what is not allowed. The Security Policy describes how data is protected, which traffic is allowed or denied, and who can and cannot use various network resources.

Port – Whereas only the source and target addresses are required for transmission on the IP level, TCP and UDP require further characteristics that allow the separate connections between two computers to be differentiated. A connection on the TCP and UDP level is thus clearly identified by the source address and the source port, as well as by the target address and the target port.

Port Range – A series of TCP or UDP port numbers that can be set in RouteFinder protocol service definitions. For example, when adding a service from Networks & Services > Services, enter the source (client) port. The entry options are a single port (e.g. 80), a list separated by commas (e.g. 25, 80, 110), or a port range (e.g. 1024:64000).

Port Scanning – Attempting to find "listening" UDP or TCP ports on an IP device, and then obtaining information about the device. Port scanning itself is not harmful, but it can be used by hackers to allow intrusion by brute-force password guessing.

PPP (Point-to-Point Protocol) – An IETF standard which provides a method for transporting multi-protocol datagrams over point-to-point links. All of the users on the Ethernet connection share a common connection, so the Ethernet principles supporting multiple users in a LAN are combined with the principles of PPP, which typically apply to serial connections.

PPPoE (Point-to-Point Protocol over Ethernet) – An IETF standard which provides the ability to connect a network of hosts over a simple bridging access device to a remote access concentrator. To provide a point-to-point connection over Ethernet, each PPP session must learn the Ethernet address of the remote peer, as well as establish a unique session identifier.

PPTP (Point-To-Point Tunneling Protocol) – A protocol that allows secure remote access to corporate networks (VPNs) over the Internet. All data sent over a PPTP connection can be encrypted and compressed, and multiple network level protocols (TCP/IP, IPX) can be run concurrently. Note: the RF660VPN does NOT support IPX or NetBEUI when using PPTP tunneling.

Protocol – A clearly defined and standardized sequence of commands and answers, with whose help a client and a server can communicate. Well-known protocols and the services they provide are, for example, HTTP (www), FTP (ftp), and NNTP (news).

Proxy (Application Gateway) – The task of a proxy (Application Gateway) is to completely separate the communication connections between the external network (Internet) and the internal network (LAN). There must be no direct connection between an internal system and an external computer. The proxies work exclusively on the application level. Firewalls that are based on proxies use a dual-homed gateway that does not transfer any IP packets. The proxies that run as specialized programs on the gateway can now receive connections for a special protocol, process the received information at the application level, and then transfer it.

Proxy ARP – The technique in which one machine, usually a router, answers ARP requests intended for another machine. By "faking" its identity, the router accepts responsibility for routing packets to the "real" destination. Proxy ARP allows a site to use a single IP address with two physical networks. Subnetting would normally be a better solution.

Private Key – In public key cryptography the private key is only known to the holder, and it can be used to sign and decrypt messages.

Proxy – A cache server that acts as a firewall, protecting the local network. It allows an application inside the proxy to access resources on the global Internet.

PSK (Pre Shared Key) – A PSK password must be entered at both ends of the VPN tunnel. This password is also called the secret. The holder of this password can establish a VPN connection to the secure network. Make sure that this password does not reach the wrong hands and that you change the PSK password at regular intervals.

Public Key – In public key cryptography the public key, which is included in the certificate, can be used to verify signatures and encrypt messages. A sample public key is shown below:


Public key cryptography is based on two keys, a private key and a public key. Conventional cryptography is a one-key system for both locking (encrypting) and unlocking (decrypting) a message, whereas public key cryptography uses different keys for locking and unlocking. In public-key systems, one key can be kept private while the other key is made public. Knowing the public key does not reveal the private key.
