10BaseT
An IEEE standard (802.3) for operating 10 Mbps Ethernet networks (LANs)
over twisted pair cabling.
3DES
A Data Encryption Standard (DES) that uses an encryption key that is
three times longer than that used by DES.
802.11
802.11, or IEEE 802.11, is a radio technology specification used for
Wireless Local Area Networks (WLANs). 802.11 defines the mobile
(wireless) network access link layer, including 802.11 media access
control (MAC) and different Physical (PHY) interfaces. The 802.11
specification, often called WiFi, is composed of several standards
operating in different radio frequencies, including the 2.4 GHz (802.11b
and g) and 5 GHz (802.11a) unlicensed spectrums. New standards are
emerging within the 802.11 specification to address additional aspects
of wireless networking, including Quality of Service (802.11e), roaming
(802.11r), radio management (802.11k), security (802.11i), and higher
throughput (802.11n).
802.11a
An IEEE specification for wireless networking that operates in the 5 GHz
frequency range with a maximum 54 Mbps data transfer rate. The 5 GHz
frequency band is not as crowded as the 2.4 GHz frequency, because the
802.11a specification offers more radio channels than the 802.11b. These
additional channels can help avoid radio and microwave interference.
802.11b
International standard for wireless networking that operates in the 2.4
GHz frequency range (2.4 GHz to 2.4835 GHz) and provides a throughput of
up to 11 Mbps. This is a very commonly used frequency. Microwave ovens,
cordless phones, medical and scientific equipment, as well as Bluetooth
devices, all work within the 2.4 GHz frequency band.
802.11e
An IEEE specification for providing Quality of Service (QoS) in 802.11
WLANs. 802.11e is a supplement to the IEEE 802.11 Wireless LAN (WLAN)
specification, providing enhancements to the 802.11 MAC layer with a
coordinated Time Division Multiple Access (TDMA) construct and adding
error-correcting mechanisms for delay-sensitive applications such as
voice and video.
802.11g
Similar to 802.11b, this standard operates in the 2.4 GHz frequency. It
uses orthogonal frequency division multiplexing (OFDM) to provide a
throughput of up to 54 Mbps.
802.11i
Supports the 128-bit Advanced Encryption Standard (AES) and Temporal Key
Integrity Protocol (TKIP) along with 802.1x authentication and key
management features for increased WLAN security capabilities.
802.11j
Provides enhancements to the current 802.11 standard to support the
4.9GHz - 5GHz band for operations in Japan.
802.11k
Due for ratification in 2005, the 802.11k Radio Resource Management
standard will provide measurement information for access points and
switches to make Wireless LANs run more efficiently.
802.11n
An emerging standard aimed at providing greater than 100 Mbps of
throughput in a wireless environment.
802.11r
A specification under development to improve a wireless client's ability
to roam across wireless networks.
802.16
A specification for fixed broadband wireless metropolitan access
networks (MANs) that uses a point-to-multipoint architecture. The
standard defines the use of bandwidth between the licensed 10GHz and
66GHz bands and between the 2GHz and 11GHz (licensed and unlicensed)
frequency ranges. 802.16 supports very high bit rates for a distance of
approximately 30 miles.
802.1X
Wireless LAN security implementation meant to increase security in user
authentication by using RADIUS, Extensible Authentication Protocol
(EAP), and LDAP for port-based authentication between an operating
system and the network access device.
Access point
A Wireless LAN transceiver or "base station" that can connect a Wired
LAN to one or many wireless devices. Access points can also bridge to
each other.
ACL (Access Control List)
A list kept by a router or switch to control access to and from a
network by helping the device determine whether to forward or filter
packets that are entering or exiting it. For example, an ACL can prevent
packets with a certain IP address from leaving a particular interface on
the switch.
Ad-Hoc mode
A client setting that provides independent peer-to-peer connectivity in
a Wireless LAN. An alternative set-up is one where PCs communicate with
each other through an AP. See access point and Infrastructure mode.
AES (Advanced Encryption Standard)
An encryption standard that uses a symmetric encryption algorithm
(Rijndael). AES was chosen by the National Institute of Standards and
Technology (NIST) as the Federal Information Processing Standard (FIPS).
Appletalk
A LAN protocol designed by Apple and originally introduced in 1985. It
is built into all legacy Apple computers and peripherals.
Application software
A computer program that is designed to do a general task. For example,
word processing, payroll, Internet browsers and graphic design programs
would all be considered applications.
Asleap
A hacking tool that attacks vulnerabilities in network systems using
Cisco's proprietary Lightweight Extensible Authentication Protocol
(LEAP). The Asleap tool works by finding LEAP-protected networks,
forcing users off their connections (de-authenticating them) to force a
new authentication, capturing the transaction data, and starting a rapid
and extensive dictionary attack on the password access.
Attenuation
The reduction of RF signal strength due to the presence of an obstacle,
such as a wall or person. The amount of attenuation caused by a
particular object will vary depending upon its composition.
Backbone
The central part of a large network that links two or more subnetworks
and is the primary path for data transmission for a large business or
corporation. A network can have a wired backbone or a wireless backbone.
Bandwidth
The amount of transmission capacity that is available on a network at
any point in time. Available bandwidth depends on several variables such
as the rate of data transmission speed between networked devices,
network overhead, number of users, and the type of device used to
connect PCs to a network. It is similar to a pipeline in that capacity
is determined by size: the wider the pipe, the more water can flow
through it; the more bandwidth a network provides, the more data can
flow through it. Standard 802.11b provides a bandwidth of 11 Mbps;
802.11a and 802.11g provide a bandwidth of 54 Mbps. These are the raw
capabilities of the network. Many things conspire to reduce these
values, including protocol overhead, collisions, and implementation
inefficiencies.
Base station
A term in cellular networking that refers to a radio
transmitter/receiver that maintains communications with mobile
radiotelephone sets within a given range (typically a cell site).
BSC (Base Station Controller)
Manages radio resources and controls handoff between cells. May also
contain the transcoder for compressing/uncompressing voice between
cellular network and the Public Switched Telephone Network (PSTN).
Beam Switching
Smart antenna technology that combines multiple input and output
receivers to choose optimal paths for communicating between a WLAN
infrastructure and wireless clients. Path selection is typically done on
a per client / per packet basis to maximize transmit performance, reduce
interference, and to improve security.
Bits per second (bps)
A measure of data transmission speed over communication lines based on
the number of bits that can be sent or received per second. Bits per
second (bps) is often confused with bytes per second (Bps). 8 bits make a
byte, so if a wireless network is operating at a bandwidth of 11
megabits per second (11 Mbps or 11 Mbits/sec), it is sending data at
1.375 megabytes per second (1.375 MBps).
Bluetooth wireless technology
A technology specification for linking portable computers, personal
digital assistants (PDAs) and mobile phones for short-range transmission
of voice and data across a global radio frequency band without the need
for cables or wires. Bluetooth is a frequency-hopping technology in the
2.4 GHz frequency spectrum, with a range of 30 feet.
Bridge
A product that connects a local area network (LAN) to another local area
network that uses the same protocol (for example, wireless, Ethernet or
token ring). Wireless bridges are commonly used to link buildings in
campuses.
Broadband
A comparatively fast Internet connection. Services such as ISDN, cable
modem, DSL and satellite are all considered broadband as compared to
dial-up Internet access. There is no official speed definition of
broadband but services of 100Kbps and above are commonly thought of as
broadband.
Cable modem
A kind of converter used to connect a computer to a cable TV service
that provides Internet access. Most cable modems have an Ethernet
out-cable that then attaches to the user's Wi-Fi gateway.
CAPWAP (Control and Provisioning of Wireless Access Points)
An IETF Working Group that was chartered to develop a problem statement
and network architecture for deploying next generation WLAN systems that
leverage lightweight access points and a centralized controller. The
CAPWAP working group was created out of overwhelming response to the
Lightweight Access Point (LWAPP) protocol, co-authored by Airespace.
CHAP (Challenge Handshake Authentication Protocol)
An authentication protocol that defines a three-way handshake to
authenticate a user. CHAP uses the MD5 hash algorithm to generate a
response to a challenge that can be checked by the authenticator.
Client
Any computer connected to a network that requests services (files, print
capability) from another member of the network.
Client devices
Clients are end users. Wi-Fi client devices include PC Cards that slide
into laptop computers, mini-PCI modules embedded in laptop computers and
mobile computing devices, as well as USB radios and PCI/ISA bus Wi-Fi
radios. Client devices usually communicate with hub devices like access
points and gateways.
Collision avoidance
A network node characteristic for proactively detecting that it can
transmit a signal without risking a collision.
CSMA/CA
CSMA/CA is the principal medium access method employed by IEEE 802.11
WLANs. It is a "listen before talk" method of minimizing (but not
eliminating) collisions caused by simultaneous transmission by multiple
radios. IEEE 802.11 states that collision avoidance rather than
collision detection must be used, because the standard employs half
duplex radios, that is, radios capable of transmission or reception but
not both simultaneously.
CSMA/CD
A method of managing traffic and reducing noise on an Ethernet network.
A network device transmits data after detecting that a channel is
available. However, if two devices transmit data simultaneously, the
sending devices detect a collision and retransmit after a random time
delay.
dBm
A measurement of relative power (decibel) related to 1 milliwatt (mW).
DCA (Dynamic Channel Assignment)
The ability to dynamically adjust transmit and receive channels on a
WLAN Access Point to avoid noise and interference. An intelligent WLAN
system will use careful analysis to assign channels across all APs so as
to maximize end-to-end performance without wasting limited RF resources.
Denial of Service (DoS)
A condition in which users are deliberately prevented from using network
resources.
DES (Data Encryption Standard)
A symmetric encryption algorithm that always uses 56-bit keys. It is
rapidly being replaced by its more secure successor, 3DES.
DHCP
A utility that enables a server to dynamically assign IP addresses from
a predefined list and limit their time of use so that they can be
reassigned. Without DHCP, an IT Manager would have to manually enter in
all the IP addresses of all the computers on the network. When DHCP is
used, whenever a computer logs onto the network, it automatically gets
an IP address assigned to it.
DNS
A program that translates URLs to IP addresses by accessing a database
maintained on a collection of Internet servers. The program works behind
the scenes to facilitate surfing the Web with alpha versus numeric
addresses. A DNS server converts a name like mywebsite.com to a series
of numbers like 107.22.55.26. Every website has its own specific IP
address on the Internet.
DSL
Various technology protocols for high-speed data, voice and video
transmission over ordinary twisted-pair copper POTS (Plain Old Telephone
Service) telephone wires.
EAP (Extensible Authentication Protocol)
An extension to PPP. EAP is a general protocol for authentication that
also supports multiple authentication methods, such as token cards,
Kerberos, one-time passwords, certificates, public key authentication
and smart cards. IEEE 802.1x specifies how EAP should be encapsulated in
LAN frames.
EAP-TLS (Extensible Authentication Protocol with Transport Layer Security)
EAP-TLS supports mutual authentication using digital certificates. When
a client requests access, the authentication server responds with a
server certificate. The client replies with its own certificate and also
validates the server certificate. The certificate values are used to
derive session encryption keys.
EAP-TTLS (Extensible Authentication Protocol with Tunneled Transport Layer Security)
TTLS uses a combination of certificates and password challenge and
response for authentication within an 802.1X environment. TTLS supports
authentication methods defined by EAP, as well as the older Challenge
Handshake Authentication Protocol (CHAP), Password Authentication
Protocol (PAP), Microsoft CHAP (MS-CHAP), and MS-CHAPv2.
EDCF (Enhanced Distributed Channel Function)
An option within the 802.11e specification that introduces "offset
contention windows" that separate high priority packets from low
priority packets by assigning a larger random backoff window to lower
priorities than to higher priorities. The result is "statistical
priority", where high priority packets usually are transmitted before
low priority packets.
Encryption key
An alphanumeric (letters and/or numbers) series that enables data to be
encrypted and then decrypted so it can be safely shared among members of
a network. WEP uses an encryption key that automatically encrypts
outgoing wireless data. On the receiving side, the same encryption key
enables the computer to automatically decrypt the information so it can
be read.
Enterprise
A term that is often applied to large corporations and businesses. The
enterprise market can incorporate office buildings, manufacturing
plants, warehouses and R&D facilities, as well as large colleges and
universities.
ESSID
The identifying name of an 802.11 wireless network. When you specify
your correct ESSID in your client setup you ensure that you connect to
your wireless network rather than another network in range. (See SSID.)
The ESSID can be called by different terms, such as Network Name,
Preferred Network, SSID or Wireless LAN Service Area.
Ethernet
International standard networking technology for wired implementations.
Basic 10BaseT networks offer a bandwidth of about 10 Mbps. Fast Ethernet
(100 Mbps) and Gigabit Ethernet (1000 Mbps) are becoming popular.
FIPS 140-2
FIPS 140-2 is a U.S. and Canadian government standard that describes
security requirements for cryptographic hardware and software modules. A
product or module must pass testing by a certified laboratory in order
to earn joint certification by the National Institute of Standards and
Technology (NIST) and the Communications Security Establishment of the
Government of Canada (CSE). There are four levels of certification
associated with the program with increasingly stringent security
requirements.
FCC (Federal Communications Commission)
The United States' governing body for telecommunications law.
Firewall
A system that secures a network and prevents access by unauthorized
users. Firewalls can be software, hardware or a combination of both.
Firewalls can prevent unrestricted access into a network, as well as
restrict data from flowing out of a network.
Gain
The ratio of the power output to the power input of an amplifier in dB.
The gain is specified in the linear operating range of the amplifier
where a 1 dB increase in input power gives rise to a 1 dB increase in
output power.
Gateway
In the wireless world, a gateway is an access point with additional
software capabilities such as providing NAT and DHCP. Gateways may also
provide VPN support, roaming, firewalls, various levels of security,
etc.
HCF (Hybrid Coordination Function)
An option within the 802.11e specification whereby a hybrid controller
polls stations during a contention-free period and grants station
specific start times and maximum transmit durations.
HIPAA (Health Insurance Portability and Accountability Act)
The US Congress passed HIPAA in 1996, calling for regulations promoting
administrative simplification of healthcare transactions as well as
regulations ensuring the privacy and security of patient information.
While HIPAA does not specifically mention Wireless LANs, or outline
specific requirements for compliance, it does state that all entities
must use "network controls to protect sensitive communication that is
transmitted electronically over open or private networks so that it
cannot be easily intercepted and interpreted by parties other than the
intended recipient."
HotSpot
A place where you can access Wi-Fi service. This can be for free or for
a fee. HotSpots can be inside a coffeeshop, airport lounge, train
station, convention center, hotel or any other public meeting area.
Corporations and campuses are also implementing HotSpots to provide
wireless Internet access to their visitors and guests. In some parts of
the world, HotSpots are known as CoolSpots.
Hub
A multiport device used to connect PCs to a network via Ethernet cabling
or via WiFi. Wired hubs can have numerous ports and can transmit data at
speeds ranging from 10 Mbps to multigigabyte speeds per second. A hub
transmits packets it receives to all the connected ports. A small wired
hub may only connect 4 computers; a large hub can connect 48 or more.
Wireless hubs can connect hundreds.
Hz
The international unit for measuring frequency, equivalent to the older
unit of cycles per second. One megahertz (MHz) is one million hertz. One
gigahertz (GHz) is one billion hertz. The standard US electrical power
frequency is 60 Hz, the AM broadcast radio frequency band is 535-1605
kHz, the FM broadcast radio frequency band is 88-108 MHz, and Wireless
802.11b LANs operate at 2.4 GHz.
Identity-Based Networking
A concept whereby WLAN policies are assigned and enforced based upon a
wireless client's identity, as opposed to its physical location. With
identity networking, wireless devices need only authenticate once with a
WLAN system. Context information will follow the devices as they roam,
ensuring seamless mobility.
IEEE
Institute of Electrical and Electronics Engineers, New York,
www.ieee.org. A membership organization that includes engineers,
scientists and students in electronics and allied fields. It has more
than 300,000 members and is involved with setting standards for
computers and communications.
IEEE 802.11
A set of specifications for LANs from The Institute of Electrical and
Electronics Engineers (IEEE). Most wired networks conform to 802.3, the
specification for CSMA/CD based Ethernet networks or 802.5, the
specification for token ring networks. 802.11 defines the standard for
Wireless LANs encompassing three incompatible (non-interoperable)
technologies: Frequency Hopping Spread Spectrum (FHSS), Direct Sequence
Spread Spectrum (DSSS) and Infrared. WECA's focus is on 802.11b, an 11
Mbps high-rate DSSS standard for wireless networks.
Infrastructure mode
A client setting providing connectivity to an AP. As compared to Ad-Hoc
mode, whereby PCs communicate directly with each other, clients set in
Infrastructure Mode all pass data through a central AP. The AP not only
mediates wireless network traffic in the immediate neighborhood, but
also provides communication with the wired network. See Ad-Hoc and AP.
IP (Internet Protocol)
A set of rules used to send and receive messages at the Internet address
level.
IP (Internet Protocol) telephony
Technology that supports voice, data and video transmission via IP-based
LANs, WANs, and the Internet. This includes VoIP (Voice over IP).
IP address
A 32-bit number that identifies each sender or receiver of information
that is sent across the Internet. An IP address has two parts: an
identifier of a particular network on the Internet and an identifier of
the particular device (which can be a server or a workstation) within
that network.
IPsec
IPsec is a security protocol from the Internet Engineering Task Force
(IETF) that provides authentication and encryption. IPsec, which works
at Layer 3, is widely used to secure VPNs and wireless users. Some
vendors, like Airespace, have implemented special WLAN features that
allow IPsec sessions to roam with clients for secure mobility.
ISDN
A type of broadband Internet connection that provides digital service
from the customer's premises to the dial-up telephone network. ISDN uses
standard POTS copper wiring to deliver voice, data or video.
ISO Network Model
A network model developed by the International Standards Organization
(ISO) that consists of seven different levels, or layers. By
standardizing these layers, and the interfaces in between, different
portions of a given protocol can be modified or changed as technologies
advance or systems requirements are altered. The seven layers are:
- Physical
- Data Link
- Network
- Transport
- Session
- Presentation
- Application
The IEEE 802.11 Standard encompasses the physical layer (PHY) and the
lower portion of the data link layer. The lower portion of the data link
layer is often referred to as the Medium Access Controller (MAC)
sublayer.
LAN
A system of connecting PCs and other devices within the same physical
proximity for sharing resources such as Internet connections,
printers, files and drives. When Wi-Fi is used to connect the devices,
the system is known as a Wireless LAN or WLAN.
LDAP (Lightweight Directory Access Protocol)
A set of protocols for accessing information directories conforming to
the X.500 standard.
LWAPP (Lightweight Access Point Protocol)
A proposed specification to the Internet Engineering Task Force
(IETF) created to standardize the communications protocol between access
points and WLAN system devices (switches, appliances, routers, etc.).
Initial authors include Airespace and NTT DoCoMo. See CAPWAP.
MAC
MAC is an acronym for Medium Access Control. This is the function of a
network controller that determines who gets to transmit when. Each
network adapter must be uniquely identified. Every wireless 802.11
device has its own specific MAC address hard-coded into it. This unique
identifier can be used to provide security for wireless networks. When a
network uses a MAC table, only the 802.11 radios that have had their MAC
addresses added to that network's MAC table will be able to get onto the
network.
MiM (Man in Middle)
An attack that results from the interception and possible modification
of traffic passing between two communicating parties, such as a wireless
client and Access Point. MiM attacks succeed if the systems can't
distinguish communications with an intended recipient from those with
the intervening attacker.
MIC (Message Integrity Check)
MIC is part of a draft standard from the IEEE 802.11i working group. It is
an additional 8-byte field which is placed between the data portion of an
802.11 (Wi-Fi) frame and the 4-byte ICV (Integrity Check Value) to
protect both the payload and the header. The algorithm which implements
the MIC is known as Michael.
MIMO (Multi-Input Multi-Output)
A smart antenna technology that leverages multiple transmit and receive
antennas to boost wireless bandwidth, range, and predictability.
Mobile professional
A salesperson or a "road warrior" who travels frequently and requires
the ability to regularly access his or her corporate networks, via the
Internet, to post and retrieve files and data and to send and receive
e-mail.
Multipath
The process or condition in which radiation travels between source and
receiver via more than one propagation path due to reflection,
refraction, or scattering.
NAT (Network Address Translation)
A network capability that enables a houseful of computers to dynamically
share a single incoming IP address from a dial-up, cable or xDSL
connection. NAT takes the single incoming IP address and creates a new IP
address for each client computer on the network.
Network name
Identifies the wireless network for all the shared components. During
the installation process for most wireless networks, you need to enter
the network name or SSID. Different network names are used when setting
up your individual computer, wired network or workgroup.
NIC
A type of PC adapter card that either works without wires (Wi-Fi) or
attaches to a network cable to provide two-way communication between the
computer and network devices such as a hub or switch. Most office wired
NICs operate at 10 Mbps (Ethernet), 100 Mbps (Fast Ethernet) or 10/100
Mbps dual speed. High-speed Gigabit and 10 Gigabit NIC cards are also
available. See PC Card.
PC card
A removable, credit-card-sized memory or I/O device that fits into a
Type 2 PCMCIA standard slot. PC Cards are used primarily in PCs,
portable computers, PDAs and laptops. PC Card peripherals include Wi-Fi
cards, memory cards, modems, NICs, hard drives, etc.
PCI
A high-performance I/O computer bus used internally on most computers.
Other bus types include ISA and AGP. PCIs and other computer buses
enable the addition of internal cards that provide services and features
not supported by the motherboard or other connectors.
PCMCIA
Expansion cards now referred to as "PC Cards" were originally called
"PCMCIA Cards" because they met the standards created by the Personal
Computer Memory Card International Association.
PDA
Smaller than laptop computers but with many of the same computing and
communication capabilities, PDAs range greatly in size, complexity and
functionality. PDAs can provide wireless connectivity via embedded Wi-Fi
Card radios, slide-in PC Card radios, or Compact Flash Wi-Fi radios.
PEAP (Protected Extensible Authentication Protocol)
An extension to the Extensible Authentication Protocol with Transport
Layer Security (EAP-TLS), developed by Microsoft Corporation. TLS is
used in PEAP Part 1 to authenticate the server only, and thus avoids
having to distribute user certificates to every client. PEAP Part 2
performs mutual authentication between the EAP client and the server.
Peer-to-peer network
A wireless or wired computer network that has no server or central hub
or router. All the networked PCs are equally able to act as a network
server or client, and each client computer can talk to all the other
wireless computers without having to go through an access point or hub.
However, since there is no central base station to monitor traffic or
provide Internet access, the various signals can collide with each
other, reducing overall performance.
Phased Array Antenna
An antenna that has a radiation pattern determined by the relative
phases and amplitudes of the currents on the individual antenna
elements. The direction of the antenna pattern can be steered by
properly varying the relative phases of those elements.
PHY
The lowest layer within the OSI Network Model. It deals primarily with
transmission of the raw bit stream over the PHYsical transport medium.
In the case of Wireless LANs, the transport medium is free space. The
PHY defines parameters such as data rates, modulation method, signaling
parameters, transmitter/receiver synchronization, etc. Within an actual
radio implementation, the PHY corresponds to the radio front end and
baseband signal processing sections.
Plenum
The ceiling plenum is the volume defined by the area above the back of
the ceiling tile, and below the bottom of the structural slab above.
Within this plenum is usually found a combination of HVAC ducts,
electrical and electronic conduits, water pipes, traditional masking
sound speakers, etc. Networking equipment needs to be plenum rated to
certify that it is suitable for deployment in this area.
Plug and Play
A computer system feature that provides for automatic configuration of
add-ons and peripheral devices such as wireless PC Cards, printers,
scanners and multimedia devices.
PoE (Power over Ethernet)
A technology defined by the IEEE 802.3af standard to deliver dc power
over twisted-pair Ethernet data cables rather than power cords. The
electrical current, which enters the data cable at the power-supply end
and comes out at the device end, is kept separate from the data signal
so neither interferes with the other.
POTS (Plain Old Telephone Service)
Standard analog telephone service (an acronym for Plain Old Telephone
Service).
Proxy server
Used in larger companies and organizations to improve network operations
and security, a proxy server is able to prevent direct communication
between two or more networks. The proxy server forwards allowable data
requests to remote servers and/or responds to data requests directly
from stored remote server data.
QoS (Quality of Service)
A level of service required to support the performance requirements of a
specific application, user group, traffic flow, or other parameter.
Defined within the service level are network service metrics that
include network availability (uptime), latency and packet loss.
RF (Radio Frequency)
The type of transmission between a Wireless LAN access point and a
wireless client (e.g., laptop, PDA, or phone). Wireless LANs can use RF
spectrum at either 2.4 GHz (IEEE 802.11b or IEEE 802.11g) or 5 GHz (IEEE
802.11a).
RADIUS (Remote Authentication Dial-In User Service)
An authentication service specified by the IETF that is used by ISPs and
large organizations to validate usernames and passwords for dial-up
users and to provide proper accounting.
Range
How far will your wireless network stretch? Most Wi-Fi systems will
provide a range of a hundred feet or more. Depending on the environment
and the type of antenna used, Wi-Fi signals can have a range of up to
mile.
RC4 Algorithm
The RC4 algorithm uses an Initialization Vector (IV) and a secret key to
generate a pseudo-random key stream with a high periodicity. Designed by
RSA Security, RC4 is used in WEP and many other transmission protocols
including SSL.
Residential gateway
A wireless device that connects multiple PCs, peripherals and the
Internet on a home network. Most Wi-Fi residential gateways provide DHCP
and NAT as well.
RFID
A device that picks up signals from and sends signals to a reader using
radio frequency. Tags come in many forms, such as smart labels that are
stuck on boxes; smart cards and key-chain wands for paying for things;
and a box that you stick on your windshield to enable you to pay tolls
without stopping. Most recently, active 802.11 RFID tags are being
deployed in enterprise environments to provide more consistent tracking
across farther distances than traditional passive devices.
RF Fingerprinting
In an enterprise WLAN scenario, RF fingerprinting refers to creating a
blueprint of a building's RF characteristics, taking into account
specific wall and design characteristics such as attenuation and
multipath. This information is compared to real-time information
collected by APs for 802.11 location tracking. By taking RF
characteristics into account, RF fingerprinting is the most accurate method
of wireless device tracking available today.
RF Prediction
The process of predicting WLAN characteristics, such as throughput and
coverage area, based upon imported building characteristics and sample
WLAN design configurations.
RF Triangulation
A common method used for 802.11 device tracking whereby 3 or more Access
Points compare RSSI information to triangulate in on a device's
location. While easy to implement, RF triangulation does not account for
multipath, attenuation, and other RF characteristics that may affect
receive sensitivity, making it less accurate than RF fingerprinting.
Rogue Access Point
An AP that is not authorized to operate within a wireless network. Rogue
APs subvert the security of an enterprise network by allowing
potentially unchallenged access to the enterprise network by any
wireless user (client) in the physical vicinity.
RJ-45
Standard connectors used in Ethernet networks. Even though they look
very similar to standard RJ-11 telephone connectors, RJ-45 connectors
can have up to eight wires, whereas telephone connectors have only four.
Roaming
Moving seamlessly from one AP coverage area to another with no loss in
connectivity.
Router
A device that forwards data packets from one local area network (LAN) or
wide area network (WAN) to another. Based on routing tables and routing
protocols, routers can read the network address in each transmitted
frame and make a decision on how to send it via the most efficient route
based on traffic load, line costs, speed, bad connections, etc.
RSA
A public-key algorithm developed in 1977 and named after its inventors,
Rivest, Shamir, and Adleman. RSA, currently owned by RSA Data Security,
Inc., is used for encryption, digital signatures, and key exchange.
RSN (Robust Security Network)
A new standard within IEEE 802.11i to provide security and privacy
mechanisms in an 802.11 wireless network. RSN leverages 802.1x
authentication with Extensible Authentication Protocol (EAP) and AES for
encryption.
RSSI (Received Signal Strength Indication)
The measured power of a received signal.
Satellite broadband
A wireless high-speed Internet connection provided by satellites. Some
satellite broadband connections are two-way (up and down). Others are
one-way, with the satellite providing a high-speed downlink and then
using a dial-up telephone connection or other land-based system for the
uplink to the Internet.
Sectorized antennae
The most common type of antenna used in wireless access points today,
this refers to internal antennae that are configurable for either omni-
or sectorized-directional antennae coverage.
Server
A computer that provides its resources to other computers and devices on
a network. These include print servers, Internet servers and data
servers. A server can also be combined with a hub or router.
SIP (Session Initiation Protocol)
A signaling protocol that establishes real-time calls and conferences
over IP networks.
Site survey
The process whereby a wireless network installer inspects a location
prior to putting in a wireless network. Site surveys are used to
identify the radio- and client-use properties of a facility so that
access points can be optimally placed.
SOHO
A term generally used to describe an office or business with ten or
fewer computers and/or employees.
"Split MAC"
A patent-pending architecture created by Airespace whereby 802.11
functions are split between an Access Point and a centralized
controller. The Access Point handles real-time functions, such as probe
requests and MAC-layer encryption, while the controller handles
enterprise-wide functions, such as higher layer security, mobility, and
QoS.
SSID
A 32-character unique identifier attached to the header of packets sent
over a WLAN that acts as a name when a mobile device tries to connect to
the BSS. (Also called ESSID.) The SSID differentiates one WLAN from
another, so all access points and all devices attempting to connect to a
specific WLAN must use the same SSID. A device will not be permitted to
join the BSS unless it can provide the unique SSID. Because an SSID can
be sniffed in plain text from a packet, it does not supply any security
to the network. An SSID is also referred to as a Network Name because
essentially it is a name that identifies a wireless network.
SSL
An encryption scheme commonly used by many online retail and banking
sites to protect the financial integrity of transactions. When an SSL
session begins, the server sends its public key to the browser. The
browser then sends a randomly generated secret key back to the server in
order to have a secret key exchange for that session.
Subnetwork or Subnet
Found in larger networks, these smaller networks are used to simplify
addressing between numerous computers. Subnets connect to the central
network through a router, hub or gateway. Each individual Wireless LAN
will probably use the same subnet for all the local computers it talks
to.
Subnet mobility
The ability of a wireless user to roam across Access Points deployed on
different subnets using a single IP address.
Supplicant
A wireless client that is requesting access to a network.
Switch
A type of hub that efficiently controls the way multiple devices use the
same network so that each can operate at optimal performance. A switch
acts as a network's traffic cop: rather than transmitting all the packets
it receives to all ports as a hub does, a switch transmits packets to
only the receiving port.
TCP
A protocol used along with the Internet Protocol (IP) to send data in
the form of individual units (called packets) between computers over the
Internet. While IP takes care of handling the actual delivery of the
data, TCP takes care of keeping track of the packets that a message is
divided into for efficient routing through the Internet. For example,
when a web page is downloaded from a web server, the TCP program layer
in that server divides the file into packets, numbers the packets, and
then forwards them individually to the IP program layer. Although each
packet has the same destination IP address, it may get routed
differently through the network. At the other end, TCP reassembles the
individual packets and waits until they have all arrived to forward them
as a single file.
TCP/IP
The underlying technology behind the Internet and communications between
computers in a network. The first part, TCP, is the transport part,
which matches the size of the messages on either end and guarantees that
the correct message has been received. The IP part is the user's
computer address on a network. Every computer in a TCP/IP network has
its own IP address that is either dynamically assigned at startup or
permanently assigned. All TCP/IP messages contain the address of the
destination network as well as the address of the destination station.
This enables TCP/IP messages to be transmitted to multiple networks
(subnets) within an organization or worldwide.
TKIP (Temporal Key Integrity Protocol)
An enhancement to the WEP encryption technique that uses a set of
algorithms to rotate session keys for better protection. TKIP uses RC4
ciphering, but adds functions such as a 128-bit encryption key, a 48-bit
initialization vector, a new message integrity code (MIC), and
initialization vector (IV) sequencing rules.
USB
A high-speed bidirectional serial connection between a PC and a
peripheral that transmits data at the rate of 12 megabits per second.
The new USB 2.0 specification provides a data rate of up to 480 Mbps,
compared to standard USB at only 12 Mbps. 1394, FireWire and iLink all
provide a bandwidth of up to 400 Mbps.
UWB (Ultrawideband)
A wireless technology for transmitting digital data over a wide portion
of the radio frequency spectrum with very low power. Because of the low
power requirement, it can carry signals through doors and other
obstacles that tend to reflect signals at more limited bandwidths and a
higher power.
VLAN (Virtual LAN)
A logical grouping of devices that enables users on separate networks to
communicate with one another as if they were on a single network.
VoIP (Voice over IP)
Voice transmission using Internet Protocol to create digital packets
distributed over the Internet. VoIP can be less expensive than voice
transmission using standard analog packets over POTS (Plain Old
Telephone Service).
VPN (Virtual Private Network)
A type of technology designed to increase the security of information
transferred over the Internet. VPN can work with either wired or
wireless networks, as well as with dial-up connections over POTS. VPN
creates a private encrypted tunnel from the end user's computer, through
the local wireless network, through the Internet, all the way to the
corporate servers and database.
WAN (Wide Area Network)
A communication system for connecting PCs and other computing devices
across a large local, regional, national or international geographic
area. Also used to distinguish between phone-based data networks and
Wi-Fi. Phone networks are considered WANs and Wi-Fi networks are
considered Wireless Local Area Networks (WLANs).
WEP (Wired Equivalent Privacy)
Basic wireless security provided by Wi-Fi. In some instances, WEP may be
all a home or small-business user needs to protect wireless data. WEP is
available in 40-bit (also called 64-bit), or in 108-bit (also called
128-bit) encryption modes. As 108-bit encryption provides a longer key
that takes longer to decode, it can provide better security than basic
40-bit (64-bit) encryption.
WiMax
Popular name of the 802.16 wireless Metropolitan-Area Network (MAN)
standard that's
currently being developed. WiMax, which will have a range of up to 31
miles, is primarily aimed at making broadband network access widely
available without the expense of stringing wires (as in cable-access
broadband) or the distance limitations of Digital Subscriber Line.
WLAN (Wireless LAN)
Also referred to as LAN. A type of local-area network that uses
high-frequency radio waves rather than wires to communicate between
nodes.
WME (Wireless Multimedia
Extension)
The Wi-Fi Alliance's standard for QoS based upon the Enhanced
Distribution Coordination Function (EDCF), which is a subset of the IEEE
802.11e specification.
WSM (Wi-Fi Scheduled Media)
The Wi-Fi Alliance's emerging standard for QoS that is based upon the
HCF portion of the 802.11e standard, which dedicates bandwidth segments
to specific data types. WSM is going to have less of a focus in the
enterprise space than its WME counterpart.
WPA (Wi-Fi Protected Access)
The Wi-Fi Alliance put together WPA as a data encryption method for
802.11 Wireless LANs. WPA is an industry-supported, pre-standard version
of 802.11i utilizing the Temporal Key Integrity Protocol (TKIP). WPA
will serve until the 802.11i standard is ratified in the third quarter
of 2003.
WPA2
The successor to the original WPA specification with the primary
difference being support for the AES encryption standard. WPA2, for
practical purposes, is identical to 802.11i.
X.509
Created by the International Telecommunications Union Telecommunication
Standardization Sector (ITU-T), X.509 is the most widely used standard
for defining digital certificates.
|