Glossary – Avaya 3.7 User Manual

Issue 4 May 2005

313

Glossary

A

Aggressive mode

An IKE mechanism used in the first phase of establishing a security
association. Aggressive mode accomplishes the same authentication
negotiating goal between clients as Main mode but faster (three packets versus
six).

AH/ESP

In an IPSec packet, the Authentication Header (AH) and Encapsulation Security
Payload (ESP) header. IKE VPNs authenticate IP packets using either an ESP
header as defined in draft-ietf-ipsec-esp-v2-03.txt, or AH as defined in IETF
draft-ietf-ipsec-auth-header-04.txt.

Alarms

When a security gateway in the VPN reports an alarm condition, details about
the alarm including type, timestamp, and the originating security gateway can
be found in the VPNmanager main screen Alarm pane.

Authentication

Generic

The process of ensuring that the data received is the same data that was sent
from the source.

Local

Local Authentication is used in non-dynamic VPNs (VPNs not using RADIUS or
a directory server (LDAP) as the authentication database). Here, the user is
authenticated from the database stored in the security gateway’s flash memory.

RADIUS

RADIUS Authentication uses an external RADIUS server and database for user
authentication.

LDAP

LDAP Authentication uses the designated directory server database for user
authentication.

B

Brute Force Attack

A hack attack that attempts to recover a cryptographic key by trying all
reasonable possibilities.

C

CCD

Client Configuration Download. The protocol used to download the VPN
session parameter configuration file from the security gateway to the remote
client as part of a successful authentication when the security gateway is
configured for Local Authentication.