FAQ - Frequently Asked Questions
Common Terms
What is VPN?
VPN stands for Virtual Private Network and is a method to
increase security as well as privacy for an organization or an individual. It
allows you to connect to the internet through a secure tunnel with data being
usually encrypted. In an enterprise environment, it is usually used to access
local network resources remotely.
What is IPSec VPN?
IPSec stands for Internet Protocol Security. It is the
most traditional mode of VPN which works on the network layer 3 of the OSI
model. It secures all data between two endpoints and once connected, the user
will be seen as "part" of the network and have full access to it. It usually
requires a specific software client.
What is SSL VPN?
SSL stands for Secure Sockets Layer. It is a common
protocol used by most of the web browsers, and based on the network layer 7 of
the OSI model. It also allows an organization to only open access to a specific
application or web server instead of the whole network. It usually does not
require a client software to connect to an SSL VPN.
What is QoS?
QoS stands for Quality of Service, which is a term used to
describe a method/technology to measure and improve transmission rates over the
network by managing packet loss, delay, and etc. It is especially useful in an
enterprise environment for which they need to improve a specific application
such as video conference streaming.
What is IoT?
IoT refers to Internet of Things, which is a new trend of
physical objects (smart devices, vehicles, buildings, etc.) being connected over
the internet, which enable them to communicate between each of them, collect and
exchange data.
What is BYOD?
BYOD is the abbreviation for Bring Your Own Device. This is
a new trend in the work place where employees bring their own devices (e.g.:
tablets, laptops, etc.) for work purpose and use it to connect to the enterprise
network.
Internet Access Management
What is the Internet Bandwidth?
Internet bandwidth refers to the maximum
throughput (or amount of data) that can be carried over a network line, from one
point to another in a given period of time. It is usually expressed in Mbps or
Gbps.
What is Throughput?
Network throughput refers to the amount of data moved
from one point to another in a specific amount of time.
What is Domestic Bandwidth?
Domestic Bandwidth refers to data exchanged
between two local points, for example in the same country. It is important for
countries where Internet Service Providers charge different rates for domestic
and international bandwidth.
What is Internet Bandwidth Management?
Bandwidth management is how you
can measure and control all traffic and packets within your network for purpose
such as avoiding bandwidth congestion, which can result in slow performance and
affect the network's users.
What is Internet Filtering?
Internet Filtering is a method or software
that allows IT administrators to control a list of permitted or blocked websites
(e.g.: Facebook) as well as applications (e.g.: eMule) to be used within the
network.
What is URL Filtering?
Similar to Internet Filtering, but the filtering
method is mainly based on a specific website URL such as www.sangfor.com, which
can allow IT administrators to decide which website URL the users can visit.
What is Traffic Quota?
Traffic quota represents the total amount of data
that can be utilized (upload and download) by a specific user or group. This is
usually used in enterprises with limited bandwidth available to avoid network
congestion.
What is Illegal Wi-Fi?
In the work place, an illegal Wi-Fi represents is
a wireless access point that is insecure and opened by an employee or a third
party. It can be divided into two main categories: hotspot opened by employees
to have access to the internal network with their own devices and hotspot opened
by third-party with the intend to attack/steal information from an employee.
What is User Access/Authentication?
User Authentication refers to the
process of allowing a specific device which need to connect to the network by
checking the identity of a user before allowing him to use the resources.
What is Endpoint Control?
Endpoints control refers to the process of
managing & controlling endpoint devices (such as smartphones, tablets, laptops,
etc.).
What is High Availability?
High availability refers to a system or network
that is continuously operational and never failing. It is usually done by using
two similar appliances. If one of them stop working, the other appliance will
take over and ensure the continuity of the operation.
What is a Policy?
In network management, a policy is a set of conditions
and settings that IT administrators use to restrain the access of a specific
user or group to the network, internet, application, etc.
Next Generation Application Firewall
What is a Next Generation Firewall?
The meaning of Next Generation
Firewall differs between each vendor. According to Gartner, Next Generation
Firewall are deep-packet inspection firewalls that move beyond port/protocol
inspection and blocking to add application-level inspection, intrusion
prevention, and bringing intelligence from outside the firewall.
What is Web Application Firewall (WAF)?
A Web Application Firewall (WAF)
is a firewall used to protect web application/server (also known as HTTP
applications). It provides protection for the layer 7, especially against
attacks such as SQL injection and Cross-Site scripting.
What is an IPS?
An intrusion prevention system (IPS) monitors network
traffic to detect attacks and prevent them. It is mainly based on
signature-matching and anomaly detection. Unlike WAF, IPS cannot protect the web
application layer, known as layer 7. It is especially vulnerable to new and
emerging attacks that do not have signatures.
What is ATP (Advanced Threat Prevention)?
The definition varies from a
vendor to another vendor, however it generally refers to a security solutions
that protect users against sophisticated malware or hacking attacks.
What is APT (Advanced Persistent Threat)?
An Advanced Persistent Threat is
an attack usually made against organizations (public/private). The
characteristics of this attack is that it is using malware that can stay hidden
for a long time before it is detected. The main purpose is to steal information
instead of causing damage like the other type of malwares.
What is a Malware?
A malware is a piece of software that is designed to
damage or gain unauthorized access to a computer or server. It includes a broad
range of varieties such as virus, worm, trojan horse, spyware, ransomware, etc.
What is a Virus?
A virus is a type of malware that is designed to infect
a user, execute and replicate itself to infect other users. It will result in
the infection of programs and files, alter your system settings and ultimately
stop it from working (depending on the virus).
What is Ransomware?
Ransomware is a type of malware used to block the
access to a computer system or files. If the user wants to unlock the system or
files, he/she must pay a certain sum of money.
What is SQL Injection?
SQL injection is an attack that is targeting to
destroy a specific database. This is done through code injection technique by
placing malicious code in the SQL statements for execution.
What is Cross-Script Scripting (XSS) attack?
Cross-Site Scripting refers
to a type of injection attack where an attacker injects malicious scripts into a
trusted websites or web application vulnerabilities. Instead of targeting
directly the user, the attacker is targeting the website (or web application)
vulnerability in order to reach the victim. This can result in the attacker
stealing the victim's credentials and sensitive data (e.g.: credit card
information).
What is DoS Attack?
The DoS abbreviation stands for Denial-of-Service
Attack, is a type of attack that is flooding a targeted machine or resource
connected to the internet with so many requests that it will overload the
systems and make it unavailable.
What is DDoS Attack?
The DDoS abbreviation stands for
Distributed-Denial-of-Service Attack, is similar to DoS attack. The main
difference is that in a DDoS attack, the attacker(s) is using more than one
source with multiple computers and internet connections to floor the victim with
requests.
WAN Optimization
What is LAN?
LAN stands for local area network, and is a computer network
with a group of computers and devices that are interconnected within a limited
area through a common link.
What is WAN?
WAN refers to Wide Area Network, which is a computer network
that expand to a large geographical area, and usually consists of two or more
LANs. WAN is used to connect LANs together so users in different locations can
be gathering into one location to communicate and exchange data. It is usually
done through leaded lines or satellite.
What is Packet Loss?
Packet loss occurs when a packet of data fails to
reach a specific destination. This can cause obvious effect in certain scenarios
such as video conference by affecting its quality.
What is Network Latency?
Network latency is the time it takes for a packet
of data to reach a specific destination. Low network latency describes small
delay times, while a high network latency describes long delay times.
What is Protocol Chattiness?
Protocol Chattiness (or Chatty Protocol) is
an application or protocol that requires an acknowledgment between a client or
server before the next packet can be send.
What is Redundant Data?
PIn data transmission, data redundancy refers to
data additionally created to the actual data. This is usually used to correct
errors in transmitted data. However sometimes it can create large amount of data
and affect the network speed.
What is TCP?
Transmission Control Protocol (TCP) is one of the main
transport layer protocol which applications are using to exchange data packets
over the internet.
TCP will ensure that the data packets sent are received
in its entirety, and recover them if any packet is lost during the transmission.
What is UDP?
User Datagram Protocol (UDP) is an alternative to TCP used
for applications that do not requires error checking and can accept some packet
loss. It is not as reliable as the TCP protocol, however its low-latency and
loss tolerating characteristics make it suited for applications such as
streaming and VoIP.
What is HTP?
HTP (High-Speed Transmission Protocol) technology is an
optimization technology based on the transmission layer. It can improve link
quality and transmission performance of applications and therefore help users
gain better experience.
What is FEC?
Forward Error Correction (FEC) technology is an optimization
technology to enhance data reliability. It can correct data errors prior to data
transmission.