Terminology, Terminology -7 – HP Identity Driven Manager Software Series User Manual

About ProCurve Identity Driven Manager

Terminology

Terminology

Authentication

The process of proving the user’s identity. In networks this involves the use
of usernames and passwords, network cards (smartcards, token cards, etc.),
and a device’s MAC address to determine who and/or what the "user" is.

Authentication

Authentication servers are responsible for granting or denying access to the

Server

network. Also referred to as RADIUS servers because most current authenti­
cation servers implement the RADIUS protocol.

Authorization

The process that determines what an authenticated user can do. It establishes
what network resources the user is, or is not permitted to use.

Bandwidth

Amount of network resources available. Generally used to define the amount
of network resources a specific user can consume at any given time. Also
referred to as rate-limiting.

Client

An end-node device such as a management station, workstation, or mobile PC
attempting to access the network. Clients are linked to the switch through a
point-to-point LAN link, either wired or wireless.

Edge Device

A network device (switch or wireless access point) that connects the user to
the rest of the network. The edge devices can be engaged in the process of
granting user access and assigning a user’s access rights and restrictions.

IDM Agent

The IDM Agent resides on the RADIUS server. It inspects incoming authenti­
cation requests, and inserts appropriate authorization information (IDM
Access Profiles) into the outgoing authentication reply.

QoS

Quality of Service, relates to the priority given to outbound traffic sent from
the user to the rest of the network.

RADIUS

Remote Authentication Dial-in User Service, (though it also applies to authen­
tication service in non-dial-in environments)

RADIUS Server

A server running the RADIUS application on your network. This server
receives user connection requests from the switch, authenticates users, and
then returns all necessary information to the edge device.

Realm

A Realm is similar to an Active Directory Domain, but it works across non-
Windows (Linux, etc.) systems. Generally specified in User-name as
"user@realm."

VLAN

A port-based Virtual LAN configured on the switch. When the client connec­
tion terminates, the port drops its membership in the VLAN.

1-7