Search Results

A framework for autonegotiation of secure authentication methods that use hardware identifiers like fingerprint readers or smart card scanners. This autonegotiation happens before full connection in three scenarios: when the user is accessing a wireless netwo...

A secure report that proves that a client is running an authorized OS and has up-to-date patches and security scanner configurations, ensuring the device meets security standards before accessing the network.

A client-server protocol that enables centralized management of user authentication and access control across various network services. When using RADIUS, all three members of the AAA triad must be implemented using it. Authentication, authorization, and accou...

A type of network security zone where hosts that face the Internet are placed for secure external data retrieval by the internal network. If communication is required between hosts on either side of the perimeter network, a host within is configured to act as ...

A network segment that's isolated from the rest of a private network by one or more firewalls that accepts connections from the Internet over designated ports. Screened subnets use two firewalls placed on either side of the perimeter network zone. One is place...

A measure of a wireless signal's strength as measured at the receiver, measured using either decibel units or an index value. If a client vendor prefers to use index values to measure the signal strength, the most common ranges are 0-60, 0-127, or 0-255. When ...

A mechanism used in wireless networks to select the data transmission rate at the physical layer that is optimal under current channel conditions.

A unique string used to identify wireless networks. SSIDs have a maximum length of 32 bytes, and only use ASCII characters for maximum compatibilit.

A security protocol designed to enhance the security of WEP without introducing breaking changes.

A password-based authentication and password-authenticated key agreement method. SAE is a variant of the Dragonfly Key Exchange. Dragonfly was based on the Diffie-Hellman key exchange that didn't have any authentication, so SAE added authentication by making t...

An amendment to the normal 802.11 standard that enhances the ability of wireless devices to maintain connectivity while moving between meshed access points.

A network protocol suite used to secure data through authentication and encryption as the data travels across the network or the Internet. IPsec has two core protocols. Application Header (AH) Encapsulating Security Payload (ESP) IPsec operates in two ...

aliases: ESP A core protocol of IPsec. ESP is used to encrypt only the payload, and doesn't compute an ICV exactly like AH does. Instead, ESP attaches three fields to the packet: a header a trailer an ICV computed without the IP header With ...

aliases: AH A core protocol of IPSec. AH performs a cryptographic hash on the whole packet, including the IP header, along with a secret shared key. It adds these values as an Integrity Check Value (ICV). The receiving host performs the same hashing...

aliases: Management Frame Protection 802.11w MFP Management Frame Protection: a security feature designed to protect management frames being transmitted over a wireless network. Management frames are responsible for device authentication, association, and ...

aliases: RDP An application protocol for operating remote connections to a host using a graphical interface. RDP runs over 3389/tcp. RDP was first used in Microsoft-Windows for remote access and management. It has encryption and authentication features. Ne...

A framework for creating a security association used with IPsec. Security associations (SAs) establish that two hosts trust one another and agree on secure protocols and cipher suites to exchange data. IKE Negotiations Phase I negotiations happen in two ways, ...

A standard defined by the IETF that defines private IPv4 address ranges.