The Self-Monitoring, Analysis, and Reporting Technology (S.M.A.R.T. or SMART) monitoring system detects and reports on hard drive reliability indicators to help anticipate failures. This feature can be useful for troubleshooting.
The set of information about user authentication and data encryption between two network devices is known as a “security association”(SA). A Security Association is a contract between two parties indicating what security parameters, such as keys and algorithms they will use.
SA Life Time (Seconds)
Define the length of time before an IKE Security Association automatically renegotiates in this field. It may range from 300 seconds (five minutes) to 86,400 seconds (one day).
In NetWare, the SAP broadcasts information about available services on the network that other network devices can listen to. A server sends out SAP messages every 60 seconds. A server also sends out SAP messages to inform other devices that it is closing down. Workstations use SAP to find services they need on the network.
Serial ATA (Advanced Technology Attachment) is a computer bus technology that allows high-speed data transfer to and from hard disks and optical drives.
A UNIX program that gathers information on networks and stores it in databases. It is helpful in finding security flaws such as incorrect settings, software bugs and poor policy decisions. It shows network services that are running, the different types of hardware and software on the network, and other information.
When adjusting video setup, saturation adjusts the color intensity.
Secure Copy (SC) is a file transfer method that uses SSH. It is secure way of transferring files between computers that uses port 22.
Scan refers to all port, IP or vulnerability scans. Hackers scan ports to find targets. They may use a TCP connect call, SYN scanning (half-open scanning), Nmap etc.
Simple Certificate Enrollment Protocol (SCEP) is a TCP-based certificate enrollment protocol that was developed by VeriSign and Cisco.
In ATM, the Sustained Cell Rate is the mean cell rate of each bursty traffic source. It specifies the maximum average rate at which cells can be sent over the virtual connection. SCR may not be greater than the PCR (see PCR).
A Symmetrical Digital Subscriber Line is a symmetrical, bi-directional DSL service that operates on one twisted-pair wire. It can provide data rates up to the T1 rate of 1.544 Mbps, and it operates above the voice frequency, so voice and data can be carried on the same wire.
In WiMAX, a security association is the process of authentication between a mobile station and a base station. The term is also used to describe the set of information exchanged between the two devices.
Secure Gateway IP Address
Secure Gateway IP Address is the WAN IP address of the remote IPSec router.
A security zone is a logical group of interfaces with common security settings.
This is a term used when downloading content from the Internet using BitTorrent protocol. Seeds refer to the number of computers that are sharing the complete file that you are downloading.
Selectable Dual Band
Selectable dual band works in either the 2.4 GHz or 5 GHz radio bands, but not at the same time.
Selective Q-in-Q is VLAN-based. It allows a switch to add different outer VLAN tags to the incoming frames received on one port according to their inner VLAN tags.
The self protect feature protects a router against intrusions targeted at the router itself.
A self-signed certificate is one that you generate on a device. The device acts as the certification authority and signs the certificate itself.
SELT (Single End Loop Test) and DELT (Dual End Loop Test) are both loop test methods used to test the copper DSL line from the central office to the subscriber’s location. SELT is used to get basic information about a copper DSL line without having to install a CPE device (DSL modem for example) at the far end of the loop (such as the subscriber’s home). See also DELT.
When two or more devices are connected digitally to form a network, the one that distributes data to the other devices is known as the server. A computer or a software package, that provides a specific kind of service to client software running on other computers connected via a network. The most common example is a file server that has a local disk and handles requests from clients to read and write files on this disk.
Service Level Agreement (SLA)
A Service Level Agreement (SLA) is a service contract between a service provider and a subscriber.
In WiMAX, a service flow is a unidirectional flow of frames and is identified by a service flow identifier (SFID).
Session Initiation Protocol
Session Initiation Protocol (SIP) is a protocol that manages VoIP.
In the Simple Network Management Protocol (SNMP), a SET request is issued by an SNMP manager to an SNMP agent instructing the agent to write information to the specified variable (OID) on its host. The agent returns a message indicating that the write operation was successful, or an error report.
A set-top box is a device that provides services such as High Definition Television (HDTV), content decryption, personal video recorder, electronic programming guide, VoIP, Web browsing and interactive television features.
The Start Frame Delimiter is a one-byte field in an Ethernet frame that indicates the start of the frame.
sFlow is a standard technology for monitoring switched networks. An sFlow agent embedded on a switch or router gets sample data and packet statistics from traffic forwarded through its ports. The sFlow collector is a server that collects and analyzes sFlows.
SFP (Small Formfactor Pluggable) is a compact transceiver that connects a switch, router or similar device to a fiber optic or unshielded twisted pair cable. SFP transceivers comply with the SFP Transceiver Multi-source Agreement (MSA).
SSH File Transfer Protocol or Secure File Transfer Protocol (SFTP) is a secure way of transferring files between computers. It uses port 22. Also see SC (Secure Copy).
SGMP (Simple Gateway Monitoring Protocol) is an application-layer protocol that allows remote users to inspect and change a gateway’s configuration.
Secure Hash Algorithm HMAC-SHA-1 (RFC 2404) is a hash algorithm that is used to authenticate packet data. It produces a 160-bit message digest.
A SHA1 fingerprint is a certificate’s message digest that was calculated using the SHA1 algorithm.
On a network storage system, a share is a set of access permissions mapped to a specific folder on a volume. It is equivalent to the Windows concept of a shared folder, but is independent of the folder. See also Share Path.
A share path is the full path to a folder on a volume that will be shared on a network storage system. See also Share.
A shell is the outermost part of an operating system that interacts with user commands. See also Kernel.
Looking over someone’s shoulder to see the numbers they dial on a phone, or the information they enter into a computer.
Side A/B Settings in Q.SIG
When using Q.SIG protocol in ISDN PRI connections, the side A and B settings are used to avoid voice channel collision.
The degree to which a radio signal is interrupted (absorbed) by a medium depends upon the wavelength of the signal, its strength, and the density of the medium. The longer the wavelength of a signal, the less likely it is to be absorbed. Likewise, the stronger a signal is, the less likely it is to be absorbed. A dense medium (like rock) is more likely to absorb a signal than a less dense medium (like air).
A signature (or sig) is a short piece of information automatically added at the end of a message. In the case of an email message, a signature can consist of graphics and text, whereas in the case of an SMS the signature is text only.
Signal attenuation is the upstream and downstream signal attenuation (reductions in amplitude of the DSL signal). It is measured in decibels (dB). Signal attenuation is affected by factors such as noise, heat, crosstalk, and loop attenuation.
A VoIP signaling card serves as an H.248 signaling gateway. It terminates and processes H.248 protocol messages from the media gateway controller. The signaling card sends signal events (like ring, metering pulse, and various tones) to the media cards.
A SIM (Subscriber Identity Module) is a mobile phone network card that holds subscriber information such as personal account details, address book and security settings. SIM cards can also be connected to computers and PDAs (Personal Digital Assistants).
In mobile telephony, a Subscriber Identity Module Personal Identification Number (SIM PIN) is a numeric password used to control access to SIM card data (stored phone numbers, for example). When a user enables SIM PIN, data on the card can be read only when the correct PIN is entered. The SIM PIN remains active when the card is used in a different device. If a user enters an incorrect PIN three times, the SIM card becomes blocked. In this case, the PIN will no longer unlock the card and the Personal Unblocking Key (PUK) must be used to gain access.
Simultaneous Dual-N Band
Simultaneous dual-N band technology operates in both the 2.4 GHz and 5 GHz radio bands at the same time, at Wireless-N speeds, doubling available wireless bandwidth and network capacity.
This allows you to log on to multiple systems (such as e-mail, Internet access) with a single password/username pair.
Session Initiated Protocol (SIP) is an internationally recognized standard for implementing VoIP. SIP is an application-layer control (signaling) protocol that handles the setting up, altering and tearing down of voice and multimedia sessions over the Internet.
A SIP Application Layer Gateway (ALG) allows VoIP calls to pass through NAT by examining and translating IP addresses embedded in the data stream. When a VoIP device behind the ALG registers with the SIP register server, the ALG translates the devices private IP address inside the SIP data stream to a public IP address.
A SIP account uses an identity (sometimes referred to as a SIP address). A complete SIP identity is called a SIP URI (Uniform Resource Identifier). A SIP account’s URI identifies the SIP account in a way similar to the way an e-mail address identifies an
SIP Keep Alive
SIP session keep alive is defined in RFC-4028. When enabled it has the SIP device periodically send SIP session refresh requests.
A SIP number is the part of the SIP URI that comes before the “@” symbol. For example, if the SIP URI is 1122334455@VoIP-provider.com, then “1122334455” is the SIP number.
SIP Proxy Server
A SIP proxy server relays SIP requests between the SIP server and SIP clients.
SIP Redirect Server
A SIP redirect server accepts SIP requests, translates the destination address to an IP address and sends the translated IP address back to the device that sent the request. Then the client device that originally sent the request can send requests to the IP address that it received back from the redirect server. Redirect servers do not initiate SIP requests.
SIP Register Server
A SIP register (or registrar) server maintains a database of SIP identity-to-IP address (or domain name) mapping. The register server checks your user name and password when you register.
SIP Service Domain
A SIP service domain is the part of the SIP URI that comes after the “@” symbol. For example, if the SIP URI is 1122334455@VoIP-provider.com, then “VoIP-provider.com” is the SIP service domain.
A SIP server manages VoIP calls between SIP clients. The settings on the SIP client and the SIP server must match one another.
A SIP URI is a complete SIP address (also called a SIP identity) consisting of a SIP number and a SIP service domain. See also SIP, SIP Number and SIP Service Domain.
SIP User Agent Server
A SIP user agent server can make and receive VoIP telephone calls. This means that SIP can be used for peer-to-peer communications even though it is a client-server protocol.
In WiMAX, sleep mode allows a mobile station and the base station to which it is connected to negotiate periods of the mobile station’s absence from the network. This conserves power and allows the base station to reallocate WiMAX resources during the mobile station’s absence.
Short Messaging Service (SMS), also known as text messaging, allows the transfer of messages up to 160 characters in length, primarily over the cellular network.
The SMT is a menu-based interface that you use to configure your device.
Simple Mail Transfer Protocol (SMTP) is a mail protocol used for sending e-mail. SMTP uses TCP port 25 by default.
A Smurf hacker floods a router with Internet Control Message Protocol (ICMP) echo request packets (pings). The destination IP address of each packet is the broadcast address of the target network, so the router will broadcast ICMP echo request packets to all hosts on that network.
A snapshot is a “point-in-time” copy of data on a volume. As new snapshots of the volume are made, only those bits of data that have changed from the original snapshot are duplicated. This allows a system to create instant backups on the fly without requiring a user to stop working. Snapshots take up a fraction of the space of traditional full-volume backups.
SNAT (Source NAT)
Source NAT changes the source address of packets so they appear to come from a different
SNMP walk is a feature of the Simple Network Management Protocol that allows the user of an SNMP manager to obtain a comprehensive list of the information provided by an SNMP agent. SNMP walk works by simply issuing a series of GETNEXT requests, and displaying the returned information. Some SNMP managers support SNMP walk filtering by allowing the user to specify an OID (Object IDentifier) subtree to walk.
SNMP (Simple Network Management Protocol)
SNMP is a popular management protocol defined by the Internet community for TCP/IP networks. It is a communication protocol for collecting information from devices on the network. A widely used network monitoring and control protocol.
Passively watching a network for information that could be used to a hacker’s advantage, such as passwords. Usually done while Camping Out.
Signal-to-Noise Ratio (SNR) is the ratio of the amplitude of the desired (DSL) signal to the amplitude of noise signals at a given point in time. The higher the SNR number, the better the line quality.
A DMT sub-carrier!|s signal-to-noise (SNR) is the ratio between the received signal and noise power. The SNR margin is the maximum that the received noise power could increase with the system still being able to meet its transmission targets.
SNTP is an Internet protocol used to synchronize the clocks of network devices with a time server. See also NTP.
This protocol is used for exchanging XML messages.
A protocol that handles TCP traffic through proxy servers.
System on a chip (SOC)
An ASIC that is specially developed to meet the requirements of a given application in which the objective is to integrate most functionality on a single chip, thereby realizing benefits in terms of price, performance and reliability. Examples of functions that are often integrated in an SOC are microprocessors, memory and interfaces.
Instructions for the computer. A series of instructions that performs a particular task is called a “program”.
A softkey is a physical key on a device with a function that varies. Usually, the current function displays nearby on an LCD screen or similar display unit.
SOHO (Small Office or Home
Some devices are specifically made to meet the needs of people who work in a small office, or at home. This segment of computer equipment users is referred to as SOHO.
SP TPID (Service Provider Tag Protocol IDentifier) is the service provider VLAN stacking tag type. It is a standard Ethernet type code identifying the frame and indicates whether the frame carries IEEE 802.1Q tag information. TPID (Tag Protocol IDentifier) is an inner (VLAN) IEEE 802.1Q tag.
In VLAN stacking, SP VID (Service Provider VLAN ID) is the outer VLAN tag.
Spam is unsolicited commercial or junk e-mail sent to large numbers of people. It is often used to promote products or services.
A spam score is a rating of how likely an e-mail is to be spam. See also spam threshold.
Mail with a spam score greater than or equal to the spam threshold is treated as spam. See also spam score.
Spanning Tree Algorithm
The spanning-tree algorithm calculates the best loop-free path throughout a switched network.
An SPI is used to distinguish different SAs terminating at the same destination and using the same IPSec protocol. This data allows for the multiplexing of SAs to a single gateway. The SPI (Security Parameter Index) along with a destination IP address uniquely identify a particular Security Association (SA).
SPI (Stateful Packet Inspection) Firewall
A technology that inspects incoming packets of information before allowing them to enter the network.
In load balancing, the spillover algorithm allows a device to send traffic through the primary interface until the maximum allowable bandwidth is reached, then the device sends excess traffic (new sessions) to the secondary interface.
In telephony, a splitter, sometimes called a “plain old telephone service splitter” is a device that divides a telephone signal into two or more signals, each carrying a selected frequency range, and can also reassemble signals from multiple signal sources into a single signal.
Spoke VPN Router
In a hub-and-spoke VPN, multiple spoke VPN routers connect to a single hub VPN router. The spoke VPN routers connect to each other through the hub VPN router.
To forge something, such as an IP address. IP spoofing is a common way for hackers to hide their location and identity.
Strict Priority Queuing (SPQ) services queues based on priority only. As traffic comes into the switch, traffic on the highest priority queue is transmitted first. When that queue empties, traffic on the next highest-priority queue is transmitted until that queue empties, and so on. If higher priority queues never empty, then traffic on lower priority queues never gets sent. Other scheduling services include WRR (Weighted Round Robin) and WFQ (Weighted Fair Queuing).
See also Queuing Algorithms.
Wideband radio frequency technique used for more reliable and secure data transmission.
Seamless Rate Adaptation is an ADSL2+ feature that automatically adjusts the connection�s data rate according to line conditions without interrupting service.
In a WiMAX network, subscriber stations connect wirelessly to a base station for network access. Subscriber stations are usually static, located in homes and offices. Subscriber stations use versions of the WiMAX standard that are incapable of mobile access (rapid transition between cells) such as IEEE 802.16-2004.
SSH (Secure Shell) is a secure communication protocol that combines authentication and data encryption to provide secure encrypted communication between two hosts over an unsecured network.
SSID (Service Set IDentifier)
Your wireless network’s name.
Technology that allows you to send information that only the server can read. SSL allows servers and browsers to encrypt data as they communicate with each other. This makes it very difficult for third parties to understand the communications.
SSL pass through
SSL (Secure Sockets Layer) uses a public key to encrypt data that’s transmitted over an SSL connection. Both Netscape Navigator and Internet Explorer support SSL, and many web sites use the protocol to obtain confidential user information, such as credit card numbers. By convention, URLs that require an SSL connection start with “https” instead of “http” SSL pass through allows SSL connections through a device.
A Secure Socket Layer Virtual Private Network (SSL VPN) uses SSL to provide VPN network access to remote users. Since SSL (the Secure Socket Layer protocol) is used no security software installation is required. Remote users can use Internet Explorer or other standard web browsers. See also reverse proxy mode, full tunnel mode, and HTTPS.
Standard definition video
Standard definition video uses fewer than 720 vertical lines of resolution, usually 486 (NTSC) or 576 lines (PAL and SECAM). Standard definition video uses a 4:3 aspect ratio.
With stateless autoconfiguration in IPv6, addresses can be uniquely and automatically generated. Unlike DHCPv6 (Dynamic Host Configuration Protocol, version 6) which is used in IPv6 stateful autoconfiguration, the owner and status of addresses don’t need to be maintained by a DHCP server. Every IPv6 device is able to generate its own and unique IP address automatically when IPv6 is initiated on its interface. It combines the prefix and the interface ID which is generated from its own Ethernet MAC address, to form a complete IPv6 address.
Stateful inspection (also known as dynamic packet filtering) tracks each connection crossing the firewall and makes sure it is valid. Filtering decisions are based not only on rules but also context. For example, traffic from the WAN may only be allowed to cross the firewall in response to a request from the LAN. See also firewalls.
See account generator printer.
Stateful Pattern Matching
Stateful pattern matching is an intrusion detection method based on reassembling a TCP stream to make the complete string available to the detection engine. It is based on the established session, rather than on a single packet. It stores all packets in a TCP stream and then searches for patterns across all packets.
Static IP Address
A fixed address assigned to a computer or device that is connected to a network.
In IP source guard, a static binding is provided manually by administrators. See also Binding.
Static DHCP has a device assign specific IP addresses to specific computers based on the computers!| MAC addresses.
Static MAC Address Forwarding
A static MAC address entry is an address that you manually enter into the MAC address-learning table. Static MAC addresses do not age out. This may reduce unicast flooding. The devices with MAC addresses on this list cannot receive traffic on another port on the device.
Static Multicast Forwarding
A multicast MAC address is the MAC address of a member of a multicast group. A static multicast address is a multicast MAC address that has been manually entered in the multicast table. Static multicast addresses do not age out. Static multicast forwarding allows you (the administrator) to forward multicast frames to a member without the member having to join the group first.
If a multicast group has no members, then the switch will either flood the multicast frames to all ports or drop them. With static multicast forwarding, you can forward these multicasts to port(s) within a VLAN group.
Static routes tell routing information that a networking device cannot learn automatically through other means. The need for static routing can arise in cases where RIP is disabled on the LAN or a remote network is beyond the one that is directly connected to a remote node. Forwarding data in a network via a fixed path.
Stealth enabled on a port means that the device drops all incoming packets destined for the device received on that port with no response to the sender.
STP detects and breaks network loops and provides backup links between switches, bridges or routers. It allows a device to interact with other STP-aware devices in your network to ensure that only one path exists between any two stations on the network.
STP cable consists of copper-core wires surrounded by an insulator. Two wires are twisted together to form a pair; the pair form a balanced circuit. The twisting prevents interference problems, STP provides protection against external crosstalk.
Straight-through Ethernet cable
A cable that wires a pin to its equivalent pin. This cable connects two dissimilar devices, for example, a data terminal equipment (DTE) device and a data communications equipment (DCE) device. A straight-through Ethernet cable is the most commonly used Ethernet cable.
Striping is the breaking up of data in order to store the data pieces on different drives in a volume. This allows faster reading and writing of data as reading and writing can be done simultaneously across disks. See also RAID, Volume.
In OSPF, a stub area, at the edge of an AS, is not a transit area since there is only one connection to the stub area.
STUN allows a device to find the public IP address assigned by a NAT router and/or a firewall between it and the public Internet. See RFC 3489 for details on STUN.
Your system’s SUA feature allows multiple user Internet access for the cost of a single ISP account. See also NAT.
A subnet mask determines the maximum number of possible hosts on a network. You can also use subnet masks to divide one network into multiple sub-networks.
In a switch, subnet-based VLANs allow you to group untagged upstream traffic into logical VLANs based on the subnet of the source IP address. One advantage of using subnet-based VLANs is that priority can be assigned to all traffic originating in the same IP subnet.
This port connects to the uplink port of another device when the devices are cascaded. Also known as a downlink port.
Super G is a wireless networking technique used to achieve transmission speeds of up to 108Mbps on an IEEE 802.11g link between compatible Super G devices. Super G uses channel bonding (using two channels instead of one) as well as compression and frame-bursting.
SVGA (Super Video Graphics Array) describes standard 4:3 aspect ratio (800 by 600) resolutions used by display monitors.
In VLAN translation, SVID (Subscriber VLAN ID) is the outer tag into which the ETI or CVID will be translated. This can be the ingress port VID, the static VLAN ID, or the protocol-based VLAN ID.
A layer-2 network device that selects a path or circuit to send a data packet through. A device that is the central point of connection for computers and other devices in a network, so data can be shared at full transmission speeds.
Symmetric NAT maps requests from the same private IP address and port to a different public source IP address and/or port depending on the packet�s destination IP address. A host on the Internet can only send a packet to the private IP address and port via the specific public source IP address and port that were previously used in sending a packet from the private IP address and port to the host�s IP address and port.
A synchronization backup keeps updating a single copy of the source files on the target.
An abbreviated form of System Log. Syslog logging sends a log to an external (syslog) server used to store and analyze logs.
A syslog server is a central online repository used for storing and analyzing logs.The syslog protocol is built around data logging for the purposes of keeping records and analysis. On a typical network the syslog daemon can be configured to send system logs to a central online repository known as a syslog server. This allows network administrators to quickly access and examine them without having to go to every machine on the network.