Ixia’s Guide to Network Security Terms and Acronyms

Network Security Terms & Acronyms

Network security is an intimidating and often misunderstood concept. Part of this is due to the constant change in security threats and threat responses. Nothing stays the same for too long, which creates consistent churn and confusion. This guide is intended to give you a quick and easy reference to common security terms and their meanings. Additional material is available at www.Keysight.com.com/solutions/network-security to help you further with your network security and visibility solution investigations.

Access Control:

U.S. government- approved cryptographic algorithm that can be used to protect electronic data. The AES algorithm is a symmetric block cipher that can encrypt (encipher) and decrypt (decipher) information.

Advanced Persistent Threats (APT):

This is a type of security threat that repeatedly tries to attack a target over a period of time. It usually has the ability to adapt to countermeasures that are deployed to stop it.

Anomaly Detection:

In security monitoring or data mining, the process of identifying items, events, or behaviors which do not conform to expected patterns and are then referred to as outliers.

Application and Threat Intelligence (ATI)

Real-time threat intelligence feeds with up-to-the moment content changes for security and application related data.

Block chain:

A shared listing that allows for recording the history of transactions to improve security.

Botnet:

A network of private computers or smart devices infected with malicious software and controlled as a group without the owners’ knowledge

Bypass Switch:

Specialized network data tap that has fail-over capability integrated within it. Typically used for inline security tools to make them more reliable.

Chief Security Officer/Chief Information Security Officer (CSO/CISO)

CPerson responsible for the security direction of a given organization.

Cipher (or cypher):

An algorithm for performing the encryption or decryption of data.

Common Vulnerabilities and Exposures (CVE):

Research with a dictionary of known information about system vulnerabilities that is available to the public

Computer Incident Response Team (CIRT):

A team that is created to specifically respond to suspicious security-related incidences. This often includes threat identification and remediation or mitigation, if complete remediation (eradication) is not possible.

Crypto-mining:

The process of safeguarding important corporate information and data from loss.

Data Protection:

Monitoring that examines the payload or data portion of a packet, as opposed to just the packet headers.

Demilitarized Zone (DMZ):

A “neutral zone” that is deployed between an organization’s private network and the Internet to provide a safety buffer.

Denial of Service (DOS):

A security attack that is intended to prevent or delay authorized users from accessing network resources.

Distributed Denial of Service (DDoS):

A denial of service technique that uses multiple hosts to perform the attack, not just one

Ephemeral Key:

A type of cryptographic key that is generated for each execution of a key establishment process. A cryptographic key is ephemeral if it is generated anew for each execution of the key. Ephemeral keys are becoming the gold standard for encryption, replacing static keys which were easier for hackers to break into over repeated attempts.