- AAD DS
- Azure Active Directory Domain Services (F5)
- : a cloud directory service which is a database that stores object information used for Identity and Access Management (IAM) offered by Microsoft Technologies
- ACS URL Endpoint
- Assertion Customer Service URL Endpoint
- : an endpoint on the SP where the IdP will redirect to with its authentication response / should have HTTPS endpoint due to PII
- AD
- Active Directory
- : a directory service developed by Microsoft for Windows domain networks, this includes most Windows Server operating systems as a set of processes & services
- ActiveX
- : a technology developed by Microsoft’s OLE and COM technologies for improving interactive control and executing Windows applications over the Web
- Administrative Metadata
- : information to help manage a resource, like resource type, permission, and when & how it was created
- Advanced compression
- : a process of increasing application performance across network
- AJAX
- Asynchronous JavaScript and XML
- : a programmatic technique that utilizes JavaScript and the XMLHTTPRequest object to exchange data between a web browser and a web server
- ALG
- Application Layer Gateway
- : a type of security software or device that acts on behalf of the application servers on a network, protecting the servers and applications from possible malicious traffic
- Anti-phishing
- : an action that monitors application traffic for attempts at harvesting private information through seemingly trusted authorities (misleading identity-theft relevant issues)
- API
- Application Programming Interface
- : a type of software interface which mainly focuses on specification and implementation
- API Protection (F5)
- Application Programming Interface Protection
- : a protection that entails authenticating programs or users who are invoking web API
- Application Delivery Control Platform (F5)
- : a device that is typically placed in a data center between the firewall and one or more applications servers that works with rating shaping, SSL offloading, and WAF
- Application Layer
- : an abstract layer that specifies the shared communications protocols and interface methods used by hosts in a communication network
- Application Layer Security
- : refers to ways of protecting web applications at the application layer from malicious attack
- Application server
- : a server that provides with access what is commonly called business logic, which generates dynamic content that is, it’s code that transforms data to provide the specialized functionality offered by a business, service, or application
- Application Traffic Management
- : a methodology that F5 pioneered for intercepting, inspecting, translating, and directing Web traffic to the optimum resource based on specific business policies
- Application Visibility
- : an ability to gain insights into application performance, health, security and other such aspects of an application
- ASM
- App Security Manager
- : a web application firewall that secures web applications and protects them from vulnerabilities, helps to ensure compliance with key regulatory mandates, such as PCI DSS
- Asymmetric
- : an attack that is designed to invoke timeouts or session-state changes
- Authentication
- : the process of determining whether someone or something is, in fact who or what it says it is
- AWS
- Amazon Web Services
- : a sister company of Amazon that provides on-demand cloud computing platforms and APIs to individuals, companies, and governments, on a metered pay-as-you-go basis globally
- AZURE
- : a cloud computing service operated by Microsoft for application management via Microsoft-managed data centers
- Bad Bots Stopped
- : an phenomenon experiencing varying volumes of bot traffic and must mitigate own unique types of bots powered attacks
- Bandwidth
- : a measure of the data capacity of a network connection, representing how quickly data can be sent from one point to another
- BADoS
- Behavioral Denial of Service
- : a module that provides automatic protection against DDoS attacks by analyzing traffic behavior using machine learning and data analysis
- BI
- Business Intelligence
- : the strategies & technologies used by enterprises for the data analysis and management of business information
- BIG-IP AWS (F5)
- BIG-IP Amazon Web Service
- : a platform that increases as cloud services allow you to scale user’s apps faster and on demand
- BIG-IP TMOS (F5)
- BIG-IP Traffic Management Operating System
- : a separate kernel that sits “next to” their enterprise Linux derivative of CentOS, and is F5’s true claim to fame and the heart of F5 and is the only true “Full Proxy” on the market
- BIG-IQ Centralized Management (F5)
- : provide visibility and control for user’s entire F5 portfolio and supports F5 BIG-IP end-to-end, VEs, BIG-IP Per-App VEs, BIG-IP iSeries F5 VELOS platform, and the F5 VIPRION platform
- Bot mitigation
- : identifying and blocking unwanted or malicious bot traffic that hits your application or network to reduce risk
- Brute Force Attack
- : consists of an attacker submitting many passwords or passphrases with the hope of eventually guessing correctly
- Buffer overflow
- : a phenomenon occurs when a program or process tries to store more data in a temporary data storage area than it was designed to store
- Caching
- : a hardware or software component that stores data for fast access in the future efficiently
- Central Policy Builder
- : a program that predicts how to best fine-tune web application security policy that is shared over multiple BIG-IP devices. The use to perform traffic learning, by receiving the ASM traffic log messages, for the all the policy’s BIG-IP devices, and consolidating the traffic learning suggestions are possible
- CGI Proxy
- Common Gateway Interface Proxy
- : an interface specification that enables web servers to execute an external program, typically to process user requests
- CGNAT
- Carrier-Grade Network Address Translation
- : a network address translation that enables service providers to successfully migrate to IPv6 while continuing to support and interoperate with existing IPv4 devices and content
- CIFS
- Common Internet File System
- : a protocol that lets programs make requests for files and services on remote computers across the internet
- Clientless remote access
- : remote network access obtained without the installation of software on a user’s device
- Cloud-Native technology
- : empower organizations to build and run scalable applications in modern dynamic environments such as public private, and hybrid clouds
- Cluster
- : primarily made up of all the active slots in the chassis that work simultaneously as one system to process application traffic
- Cluster IP Address
- : a floating management IP address of the primary designated slot. Connecting to this IP to manage the VIPRION will automatically connect you to whichever slot is elected as “Primary”
- Cluster Member
- : an enabled physical or virtual slot that contains an active blade
- Cluster Member IP Address
- Cluster Member Internet Protocol address
- : an individual management IP address of each blade
- Cluster Synchronization
- : a phenomenon that occurs when a new blade is added to the system; The primary blade automatically propagates the BIG-IP system configuration to all the secondary blades when powered on brings them into the SuperVIP® cluster
- Colocation (Colo)
- : a housing tech, often networking equipment, in another location besides on-site
- Compression
- : a process of converting a message of n bits to m bits using fewer bits than the original representation
- Computational
- : an attack designed to consume CPU & memory
- Computing Cloud 64
- : on demand availability of computer system resources, especially data storage (cloud storage) and computing power, without direct active management by the user
- Connection flood
- : the oldest and most common type of DDoS attack that floods the server with requests for new connections and prevents legitimate requests from being established and served (aka. TCP connection flood)
- CDN
- Cross-Site Request Forgery
- : an infrastructure that helps organizations deliver static web content, rich digital media, and everything in between, to employees, vendors, partners, and customers worldwide, in the fastest amount of time at the lowest possible cost
- Cookie poisoning
- : an attack strategy in which the attacker alters, forges, hijacks, or otherwise “poisons” an otherwise valid cookie sent back to a server to steal data, bypass security, or both
- Credential suffering
- : a type of cyberattack where an attacker attempts to gain unauthorized access to a protected account by using compromised credentials
- Cross-site scripting
- : a web application attack used to gain access to private information by delivering malicious code to end-users via trusted websites
- CSRF (=XSRF)
- Cross-Site Request Forgery
- : a type of exploit of a website where unauthorized commands are submitted from a user that the web application trusts (aka. one-click attack or session riding)
- CVE
- Common Vulnerabilities and Exposures
- : a list of publicly disclosed computer security flaws
- DAC
- Discretionary Access Control
- : a type of access control defined by the Trusted Computer System Evaluation Criteria “as a means of restricting access to objects based on the identity of subjects and groups to which they belong
- Data Integrity
- : refers to the need to ensure that data remains valid and accurate, with alterations only through authorized processes
- Data layer security
- : describes the inspection of data packets to detect attempts to compromise network applications
- Datagram
- : a basic transfer unit associated with a packet switched network that provides connectionless communication services across a packet-switched network
- Datasheet
- : a document that summarizes the performance and other characteristics of a product, machine, component material subsystem, or software in sufficient detail that allows a buyer to understand what the product is and a design engineer to understand the role of the component in the overall system (aka. spec sheet)
- DDoS Defender (F5)
- : a hardware solution that protects against blended network attacks and sophisticated application attacks, while enabling full SSL decryption, anti-bot capabilities, and advanced detection methods – all in one appliance and provides
- DDoS Detection
- : a process of distinguishing DDoS attacks thorough out-of-band SPAN port and NetFlow monitoring
- Delegation
- : a process of a computer user handing over their authentication credentials to another user
- Delivery networking
- : a system of computers networked together across the Internet that cooperate transparently to deliver content (CDN)
- DEA
- Diameter Edge Agent
- : provides the extra security service providers require to connect securely with third-party partners when needed and share resources, such as in roaming and billing use cases
- Diameter interfaces
- : provides connections among diameter nodes to enable essential service provider network functions such as authentication, online and offline billing, and policy and charging
- Diameter load balancer
- : a load balancer that distributes signaling traffic across multiple servers in a network
- Diameter protocol
- : provides authentication, authorization, and accounting (AAA) messaging services for network access and data mobility applications in 3G, IP Multimedia Systems (IMS), and LTE/4G networks
- DRA
- Diameter Routing Agent
- : a functional element in a 3G or 4G network that provides real-time routing capabilities to ensure that messages are routed among the correct elements in a network
- DLTS
- Datagram Transport Layer security
- : a protocol based on TLS that is capable of securing the datagram transport
- DMZ
- Demilitarized zone
- : a portion of an enterprise network that sits behind a firewall but outside of or segmented from the internal network
- DNS
- Domain Name System
- : a hierarchical and decentralized naming system used to identify computers reachable through the Internet or other IP networks
- DNS NXDOMAIN flood
- : a flood attack attempts to make servers disappear from the Internet by making it impossible for clients to access the roadmap
- DNS query flood
- : uses a network of clients to target a single server with floods of valid requests and involves flooding a single DNS server with valid requests
- DTLS
- Datagram Transport Layer Security
- : a protocol based on TLS that is capable of securing datagram transport also known as well-suited for securing applications and services that are delay-sensitive and applications that tend to run out of file descriptors or socket buffers
- Dynamic Memory Allocation
- : refers to performing manual memory management that are allowed with memory at run time
- Endpoint Security
- : a strategy for ensuring that a client device does not present a security risk before it is granted a remote-access connection to the network
- E-Rate
- : a government funded program that aims to get internet access into schools & libraries who otherwise might not be able to afford
- External Fragmentation
- : a phenomenon which happens when there is enough area within the memory to satisfy the memory request of a method
- Extranet access control
- : ability to permit or deny access to corporate assets on an internal network, for use by non-employees outside the network
- F5
- : a technology company specializing in application security, multi-cloud management, online fraud prevention, application delivery networking, application availability & performance, network security, and access & authorization
- F5 Always-On
- : a F5 service that offers comprehensive & sophisticated F5 support, ongoing professional services, maintenance, monitoring, 24x7x365 emergency response from F5-certified engineers
- F5 AFM Managed Service
- F5 Advanced Firewall Manager managed service
- : a F5 managed service that provides granular IP-based and port-based firewall control of the F5 BIG-IP, and extends the logging capabilities around port-based filtering
- F5 ASM Managed Service
- F5 Application Security Manager managed service
- : a F5 managed service that provides WAF modules that protect web applications from threats like the OWASP top 10
- F5 AWAF
- F5 Advanced Web Application Firewall
- : a F5 firewall that provides malicious bot protection, application-layer encryption, API inspection, and behavior analytics to help defend against application attacks (formally known as ASM)
- F5 BIG-IP Daemons
- : a managing load-balanced traffic, configuring and controlling the switch chips, monitoring the health and performance of pool members, and performing high availability (HA) failover actions
- F5 BIG-IP DNS
- F5 BIG Internet Protocol Domain Name Servers
- : a server that takes the functionality of GTM and adds BIG-IP visibility, reporting, and analysis and hyperscale and secures DNS responses geographically to survive DDoS attacks
- F5 BIG-IP PEM
- F5 BIG-IP Policy Enforcement Manager
- : a program that delivers insight to users to understand subscriber behavior and effectively manage network traffic with policy enforcement capabilities and provides intelligent layer 4–7 traffic steering, network intelligence, and dynamic control of network resources through subscriber & context-aware solutions and deep reporting
- F5 Distributed Cloud Account Protection
- : a cloud protection that applies powerful AI for Online Fraud Protection. Block fraud missed by existing tools, slash friction for legitimate consumers by 90%, and reduce workloads for fraud teams. Evaluate transactions with telemetry, environmental, and behavioral data, connect context to user intent and feed the closed-loop AI for fine-tuned security solutions
- F5 Distributed Cloud Aggregator Management
- : a cloud management that embraces open banking while managing aggregator and third-party provider (TPP) risks. Gives user full access to their data—anytime, anywhere, and any app—while protecting against credential stuffing and ATO risks
- F5 Distributed Cloud API Security
- : a distributed cloud service that automatically discover API endpoints connected to your applications, prevent data leakage, and allow and monitor anomalous behavior. Deploy rapidly through SaaS using Points of presence (PoPs) for speed, scale, and protection. Observe all your API security and networking metrics in a single dashboard
- F5 Distributed Cloud Authentication Intelligence
- : an eliminate excessive and annoying login requests for legitimate returning consumers, reduce user interface friction, boost topline digital revenue, and improve customer experience, all while leveraging world-class artificial intelligence for the heavy lifting
- F5 Distributed Cloud Bot Defense
- : a protect applications from bots, automated attacks, scrapers, and exploits
- F5 Distributed Cloud Client-Side Defense
- : an in-browser solution for security monitoring and mitigation. Protect users from Magecart, form jacking, skimming, PII harvesting, session high jacking, account takeover (ATO), and other critical security vulnerabilities
- F5 Distributed Cloud DDoS Mitigation
- : a software that protects user’s apps against volumetric L3-L7+ DDoS attacks at the network edge, ensuring that the app still has global availability without impacting legitimate customers. Through single pane of glass visibility, provision on-demand, scale networks, expand capacity, deploy new services, maximize uptime and proactively defend against mitigated and active attacks
- F5 Distributed Cloud Multi-Cloud Transit
- : a cloud transit that enables multi-cloud networking functionality with secure, high-performance connectivity between clouds and a network firewall. Integrate a Layer 3 to 7 stack across networking devices with fine-tuned policies, management tools, and observability dashboards. Integrate across preferred public cloud provider such as Azure, Amazon Web Services, or Red Hat Openshift
- F5 Distributed Cloud WAF
- : a cloud-based protection for distributed web applications, easing the burden and complexity of consistently securing apps across cloud, on-premises, and edge locations. Add a new app by defining the origin server, the field qualified domain name (FQDN), and associate it with a policy through a universal API. Employ AI/ML-based techniques with a signature-based WAF, see real-time investigative drilldowns, and harness a powerful rule-based engine to manage traffic
- F5 Global Network Platform
- : the first app-to-app network specifically designed to secure and connect workloads across multi-cloud or edge, with the flexibility to host workloads for improved performance. Services include L3–L7+ DDoS protection, IPsec encryption between PoPs, segmented traffic using L3 VPNs, AI/ML threat protection, and top of line secure colocation facilities
- F5 GTM
- F5 Global Traffic Manager
- : a service that distributes DNS and user application requests based on business policies, data center/cloud conditions, user location, and application performance
- F5 IP Intelligence
- : a service that provides global DDoS threat intelligence feeds
- F5 LTM Managed Service
- F5 Local Traffic Manager managed service
- : a service that provides fully proxy traffic load balancing and is the heart of F5’s core offering, it helps user deliver applications to their users in a reliable, secure, and optimized way, it includes extensibility and flexibility of application services with the programmability in managing cloud, virtual, and physical infrastructure
- F5 Managed Services
- : the best solution to F5 customers with offers of completely outsource, the maintenance, management, security, day-to-day operations, and 24x7x365 emergency support of F5 BIG-IP deployments
- F5 NGINX
- : a solution that helps reduce complexity by consolidating common functions into fewer components, to help make application infrastructure more manageable
- F5 Professional Services
- : a offer service that supports all the popular modules within BIG-IP, including LTM, DNS(GTM), AFM, APM, and AWAF (ASM) also SSLO and SWG
- F5 SSLO managed service
- F5
- : a managed service that provides WAF modules that protect web applications from threats like the OWASP top 10
- Federated Cloud
- : a cloud that refers to facilitating the interconnection of two or more geographically separate computing clouds
- Federation
- : a collection of domains that have established trust, in this case, establishing trust with Azure Active Directory
- Firewall
- : a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules
- Fragmentation
- : a phenomenon in which storage space, main or secondary storage is used efficiently, reducing capacity or performance & often both
- Full Proxy
- : a router that provides everything a reverse proxy can do and then some, because it manages client-side (your device to the LTM) and the server-side (the LTM to the server) independently (aka. Super Proxy)
- GET flood
- : used for two different kinds of attacks using the same request ; attacker can either request static URLs at a high rate, or simply ask for every single object on a website, one after the other
- Global namespace
- : a federation of file systems from any number of file storage devices, such as servers using NFS, CIFS, NAS, or any file servers
- Good Bots Allows
- : a performing useful and helpful tasks that aren’t detrimental to a user’s experience on the internet
- GSLB
- Global Server Load Balancing
- : a method of distributing internet traffic to a network of servers across the globe, creating a faster and reliable user experience with all the features and flexibility of F5’s without having to maintain the infrastructure
- Hash Dos attack
- : a common algorithm is used for the dictionary tables of all the major web service platforms
- Heavy URL
- : an URL that contains greater server load upon request and making attackers map out the most computationally expensive URLS on a site or application
- HTTP
- Hypertext Transfer Protocol
- : an application layer protocol in the internet protocol suite model for distributed, collaborative, hypermedia information systems
- HTTP 2 Gateway
- Hypertext Transfer Protocol 2 Gateway
- : a major revision of the HTTP network protocol used by the World Wide Web (first new version of HTTP)
- HTTP Flood
- : a type of DDoS attack which attackers exploit HTTP & POST unwanted requests to attack a web server or application
- Hybrid load balancing
- : refers to distributing client requests across a set of server applications that are running in various environments; in private cloud, and in the public cloud; maximizes the reliability, speed, and cost-effectiveness of delivering content no matter where it is located, resulting in an optimum user experience
- Hypervisor
- : a software emulator that runs virtual machines on different hardware , parallels seems to be the best version for Mac
- IaaS
- Infrastructure as a Service
- : a cloud computing service model by means of which computing resources are hosted in a public, private, or hybrid cloud
- ICSA Firewall
- International Computer Security Association Firewall
- : a certified network security devices designed to protect the network from other networks
- IdP
- Identity provider
- : a system entity that creates, maintains, and manages identify information for principals and provides authentication services to relying on applications within a federation or distributed network
- IETF
- Internet Engineering Task Force
- : a standard organization for the internet and is responsible for the technical standards that compromise the internet protocol suite
- IndieAuth
- : an open standard decentralized authentication protocol that uses OAuth 2.0 and enables services to verify the identity of a user represented by a URL as well as to obtain an access token that can be used to access resources under the control of the user
- Ingress controller
- : a specialized load balancer for Kubernetes environments; abstracts away the complexity of Kubernetes application traffic routing and provided a bridge between Kubernetes services and external ones
- Intelligent DNS Resolution
- Intelligent Domain Name System Resolution
- : a program that provides a more intelligent way to respond and scale to DNS queries and considers network conditions to distribute user application requests and application services based on business policies, data center conditions, network conditions, and application performance
- Inter-Cluster Mirroring
- : Mirrors connections and persistence records to another cluster
- Intra-Cluster Mirroring
- : Mirrors connections and persistence records within the cluster between blades in the same chassis. Only FastL4 Virtual servers connections can be mirrored intra-cluster
- IP address
- Internet protocol
- : a numerical label (such as 192.0.2.1) connected to a computer network using the Internet Protocol for communication
- IPv4
- Internet Protocol version 4
- : a 4th version of Internet Protocol was deployed in 1982. Uses a 32-bit address written in dot-decimal notation (ex. 172.16.254.1). Still used for most internet traffic
- IPv6
- Internet Protocol version 6
- : most recent version of the Internet Protocol was drafted in 1998 and ratified in 2017. Uses a 128-bit address written in hexadecimal notation (ex. 2001:db8::8a2e:370:7334). Allows route aggregation instead of routing tables, service delivery optimization, device mobility, security, configuration, but cannot communicate with IPv4
- iQuery
- : a protocol that functions on TCP port 4353, reports VIP availability and performance back to the GTMs
- iRule Development Service
- : a service that makes traffic decisions on any type of payload content or date the user defines
- ISP
- Internet Service Provider
- : an organization that provides services for accessing, using, or participating on the internet
- L7 DoS
- L7 Denial-of-Service attack
- : 7 layers of application of cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to a network
- LAN
- Local Area Network
- : a computer network that interconnects computers within a limited area such as residence, school, laboratory, university campus or office building
- LDAP
- Lightweight Directory Access Protocol
- : an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol network
- Legal Metadata
- : a metadata that provides information about the creator, copyright holder, and public licensing, if provided
- Load Balancer
- : a device that provides one point of entry for a service or website
- Load Balancing
- : a distributing incoming request across the group of servers
- MAC
- Mandatory Access Control
- : a type of access control by which the operating system or database constrains the ability of a subject or initiator to access or generally perform some sort of operation on an object or target
- Media server
- : a server that refer both to a software application that performs this function and a host that’s running the media server software; delivers video and audio content to clients who request it
- Memory Allocation
- : a process by which computer programs services are assigned with physical & virtual memory space
- Memory Management
- : a broad term that incorporates all processes and methodologies for the effective use, allocation, monitoring and management of computer memory
- Memory Paging
- : a memory management scheme by which a computer stores and retrieves data from secondary storage for use in main memory
- Metadata
- : a data that provides information about other data, but not the content of the data, such as the text of a message or the image itself
- Microservices
- : an approach to software architecture that build a large, complex application from multiple small components which each perform a single function (such as authentication, notification, or payment processing) and the term for the small components themselves
- Middlebox
- : a networking device that transforms, inspects, filters, and manipulates traffic for purposes other than Packet Forwarding. F5 got their start in middleboxes through Load Balancers
- MLS
- Multiple Levels of Security
- : an application of a computer system to process information with incompatible classifications, allow access by users with different security clearances and needs-to-know, and prevent users from gaining access to information which they lack authorization
- MS RDP Gateway
- Microsoft Remote Desktop Protocol Gateway
- : a proprietary protocol developed by Microsoft which provides a user with a graphical interface to connect to another computer over a network connection
- MCN
- Multi-Cloud Networking
- : a model of cloud computing where an organization utilizes a combination of clouds
- NAT
- Network Address Translation
- : one to one mapping between addresses
- NAT Address
- : a routable address on the external network of the BIG-IP system
- Network Packet
- : a formatted unit of data carried by a packet-switched network
- NGINX Plus
- : a versatile software license that can function as an enhanced Web Server, reverse proxy, ingress controller – orchestrating Kubernetes, and as an API Gateway / management
- Node
- : a program that allows user to distribute traffic to the servers in user’s pool based on metrics of those servers “globally” on the BIG-IP
- OAuth
- Open Authorization
- : an open standard for access delegation, commonly used as a way for internet users to grant websites or applications access to their information on other websites but without giving them the passwords
- Obfuscation
- : an act of creating source or machine code that is difficult for humans to understand
- OCI
- Open Container Initiative
- : an open governance structure around container formats and runtimes
- OIDC
- OpenID Connect
- : a 3rd generation of OpenID technology which is an authentication layer on top of the OAuth 2.0 authorization framework
- Onion Routing
- : a technique for anonymous communication over a computer network
- Origin Address
- : an internal address (for virtual server can’t use this IP address)
- OSI Model
- Open Systems Interconnection model
- : a conceptual model that describes universal standard of communication functions of a telecommunication system or computing system, without any regard to the system’s underlying internal technology and specific protocol suites
- OWASP
- Open Web Application Security Project
- : an online community that produces freely – available articles, methodologies, documentation, tools, and technologies in the field of web application security
- PaaS
- Platform as a Service
- : a cloud delivery model for applications composed of services managed by a third party (aka. Application platform as Service aPaaS )
- Packet Switching
- : a method of grouping data into packets that are transmitted over a digital network
- Pass-Through Authentication
- : users authenticate with the use of a Pass-Through Authentication Agent in Azure, which then authenticates them to On-Premises Active Directory Domain Services
- Password Hash Synchronization
- : a process which user’s password hashes are synced from Active Directory to Azure Active Directory
- Payload
- : a part of transmitted data that is the actual intended message
- PCI DSS (PCI Compliant)
- Payment Card Industry Data Security Standard
- : an information security standard for organizations that handle branded credit cards from the major card schemes
- PCoIP
- PC-over-IP
- : a proprietary remote display protocol developed by Teradici and is UDP – based protocol that is host rendered multi-codec and dynamically adaptive
- Physical Appliance
- : a component for keeping computing resources secure within an organization (aka. Physical device)
- PII
- Personally Identifiable Information
- : any representation of information that permits the identity of an individual / includes name, address, SSN or other identifying number or code, phone number, email address etc
- Platform Ops
- : the team responsible for curating, maintaining, connecting, and securing the platform that provides Dev, DevOps, SecOps, and NetOps teams with what they need for their jobs
- PoPs
- Points of Presence
- : an artificial demarcation point, or network interface point between communicating entities
- Portability
- : a measure of how easily an application can be transferred from one computer environment to another
- Portable application
- : a program designed to read and write its configuration settings into an accessible folder in the computer (aka. standalone)
- Porting
- : an ability of a computer program to be ported from one system to another in computer science
- Primary Blade
- : the blade in the primary slot
- Primary Slot
- : initially accepts application traffic and the floating cluster IP address is assigned to the primary slot
- Progressive download
- : a technique used to stream media from web server to a client such as a video player on a laptop or mobile phone
- Proxy Server
- : a server application that acts as an intermediary between client requesting a resource and the server providing that resource
- QualysGuard
- : a program that identifies and mitigates exposure to critical web application vulnerabilities, keeping your apps safe and secure made by Qualys, a cloud security and compliance services company
- Quorum
- : a process of electing primary and secondary blades occurs during booting of the chassis aka “Full Cluster Start-up”. To establish a quorum for all blades, agree on: Time, Cluster configuration, Which blades are powered up
- RADIUS
- Remote Authentication Dial-In User Service
- : a networking protocol that provides centralized authentication, authorization, and accounting management for users who connect and use a network service
- RAM
- Random Access Memory
- : a type of data storage used in computers that is generally located on the motherboard
- Reverse proxy server
- : a type of proxy server that typically sits behind the firewall in a private network and directs client requests to the appropriate backend server; provides an additional level of abstraction and control to ensure the smooth flow of network traffic between clients and servers
- RBAC
- Role-based access control
- : a policy-neutral access control mechanisms defined around roles and privileges that contains role assignment, role authorization, permission authorization
- Round-robin load balancing
- : one of the simplest methods for distributing and implementing client requests across a group of servers
- ROM
- Read Only Memory
- : a type of non-volatile memory used in computers and other electronic devices, it cannot be electronically modified after the manufacture of the memory device
- SaaS
- Software-as-a-Service
- : a software licensing and delivery model which software is licensed on a subscription basis and is centrally hosted. (aka on-demand software and Web-based/Web-hosted software)
- SAML
- Security Assertion Markup Language
- : an open standard for exchanging authentication and authorization data between parties between an identity and a service provider
- SCTP
- Stream Control Transmission Protocol
- : a computer networking communications protocol in the transport layer of the internet protocol suite
- Secondary Blades
- : any blade in a secondary slot
- Secondary Slots
- : any slot that is not the primary slot
- Secure Web Gateway SWG
- : a product providing threat protection and content filtering for internet access
- Service mesh
- : a technology that aims to improve the security, observability and traffic control of distributed systems ; a component of orchestration tools for containerized environments
- Session persistence
- : refers to directing a client’s requests to the same backend web or server for the duration of a “session” to complete a task or transaction
- Shape Security
- : an effective bot mitigation solution that focuses on fraud prevention and is to fraud what a WAF is to web application exploits
- Sidecar
- : a separate container that runs alongside an application container in a Kubernetes pod
- Silverline (F5) Silverline DDoS Protection
- : fully managed, cloud-based protection service that detects and mitigates large scale, SSL/TLS, or application-targeted attacks in real time
- Silverline Shape Defense
- : a defense program that protects user’s web apps from bots and other automated attacks by delivering continuous protection, even when attackers retool
- Silverline WAF
- Silverline Web Application Firewall
- : a web application firewall that lets users augment their in-house resources and decrease operational expenses with a service that’s deployed and maintained by certified experts in our Security Operations Center
- Slow Post
- : a process of attacker requests to attack the phenomenon of message in extreme slow rate
- SNAT
- Source Network Address Translation
- : translating the source address of the client initiating traffic, or the origin. Security comes from the host never knowing the addresses, you can’t request traffic to a SNAT. can’t send traffic to a SNAT—its either global or virtual . SNAT auto-map is the default option
- SNMP
- Simple Network Management Protocol
- : an internet Standard protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior
- SOA
- Service-Oriented Architecture
- : an architectural approach to designing applications around a collection of independent service; include greater ease of maintaining and updating service components
- SOC Visibility
- Security Operations Center Visibility
- : facility where enterprise information systems are monitored, assessed and defended
- SOCKS
- Socket Secure
- : an internet protocol that exchanges network packets between a client and server through a proxy server, and is like HTTP CONNECT in web proxies
- SP
- Service Provider
- : an organization that provides services, such as consulting, legal, real estate, communications, storage, and processing services, to other organizations
- Spoofed URL
- : one website that poses as another website
- SSL
- Secure Socket Layer
- : standard security technology for establishing an encrypted link between a server and a client
- SSL Decryption
- Secure Socket Layer Decryption
- : a process of decrypting traffic at scale and routing it to various inspection tools (aka SSL visibility)
- SSL Orchestrator
- Secure Socket Layer Orchestrator
- : all-in-one appliance solution designed specially to optimize the SSL infrastructure, provide with visibility of SSL/TLS encrypted traffic, and maximize the use of that existing security investment
- SSO
- Single Sign On
- : an authentication scheme that allows a user to log in with a single ID to any of several related, yet independent, software systems
- Static Memory Allocation
- : a program is allocated memory at compile time, before the associated program is executed
- Statistical Metadata
- : metadata that describe processes that collect, process, or produce statistical data (aka. process data)
- Structural Metadata 143
- : a containers of data and indicates how compound objects are put together (order of pages to form chapters and describes types, versions, relationships, and other characteristics of digital materials
- Suffix Proxy
- : a proxy that allows a user to access web content by appending the name of the proxy server to the URL of the requested content
- Syn Flood
- : a denial of service attack in which an attacker rapidly initiates a connection to a server without finalizing the connection
- TACACS
- Terminal Access Controller Access-Control System
- : refers to a family of related protocols handling remote authentication and related services for networked access control through a centralized server
- TCP
- Transmission Control Protocol
- : one of the main internet protocols of internet protocol suite that provides reliable, ordered, and error checked delivery of a stream of octets (bytes) between applications running on hosts communicating via an IP network
- TCP Express
- Transmission Control Protocol Express
- : a standard-based, state of the art TCP/IP stack that leverages optimizations natively supported to client and server operating systems, and optimizations that are not operating-system specific and contain WAN & LAN efficiencies
- TLS
- Transport Layer Security
- : a cryptographic protocol designed to provide communications security over a computer network
- Transparent Proxy
- : a proxy that intercepts normal application layer communication without requiring any special client configuration (aka. intercepting proxy, inline proxy, or forced proxy)
- UDP
- User Datagram Protocol
- : the one of the core members of the Internet protocol suite that provides checksums for data integrity, and port numbers for addressing different functions at the source and destination of the datagram
- vCMP
- Virtualized Clustered Multiprocessing
- : a feature of BIG-IP system that allows users to deploy multiple virtual BIG-IP instances on a single platform
- VDI
- Virtual Desktop Infrastructure
- : an infrastructure that provides a means of allowing remote access to either specific applications or a whole virtual desktop experience
- VELOS
- : F5’s most recent blade and chassis hardware
- VIP
- Virtual IP address
- : an IP address that does not correspond to a physical network interface, includes network address translation, fault-tolerance, and mobility
- VIPRION
- : an F5 product of on-demand application delivery controller that is chassis based, more powerful, and more fault tolerant appliance that runs BIG-IP Traffic Management Operating System software but it’s still BIG-IP at the core
- VIPRION Blade Clustering
- : a technology that spreads processing power over all the active slots, also known as “cluster members” (each slot/blade is considered cluster member)
- VIPRION Cluster Synchronization
- : an automated process that causes the “primary blade” to automatically propagate the BIG-IP software configurations to all secondary blades
- VIPRION Connection Mirroring
- : an use for ensuring in-process connections remain intact and processed by available blades
- Virtual Appliance
- : a pre-configured virtual machine image, ready to run on a hypervisor
- Visual Policy Editor
- : a screen on which to configure an access policy using visual elements
- VMware
- : a virtualization and cloud computing software vendor located in Palo Alto, California
- Volterra
- : F5 + Volterra Edge 2.0 platform represents the first open edge architecture, enabling DevOps and developer teams to seamlessly shift workloads across clouds and even to data centers, without reimplantation or retooling, enabling the largest scale and best performance possible
- VPN
- Virtual private network
- : extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network
- Vulnerability–Based
- : an attack that exploit software vulnerabilities
- WAN
- Wide Area Network
- : telecommunications network that extends over a large geographic area
- Web acceleration
- : refers to speeding up the transfer of content between web servers and client browsers by using a variety of techniques such as caching and compression
- Web server
- : a server that stores and delivers the content for a website – such as text, images, video and application data – to clients that request it
- XML
- Extensible Markup Language
- : a markup language and file format for storying, transmitting, and reconstructing arbitary data that defines a set of rules for encoding documents in a format that is both human-readable and machine-readable
Leave a Reply