Terms
Anti-Bot
1. Application that prevents computers from being controlled by hackers. 2. Check Point Software Blade that inspects network traffic for malicious bot software.
Anti-Virus
A solution to protect a computer or network against self-propagating programs or processes that can cause damage.
APP Wiki
A searchable application library, for Check Point Application Control and URL Filtering, with details about known Web applications and social networking widgets. (Also: AppWiki)
Block
1. To stop traffic before it reaches its destination. 2. To stop a command from execution. 3. To deny access by rule (though allowed by permission).
Bot
Malicious software that neutralizes Anti-Virus defenses, connects to a Command and Control center for instructions from cyber criminals, and carries out the instructions.
CoreXL
A performance-enhancing technology for Security Gateways on multi-core processing platforms.
CSCF
Call Session Control Function. A set of roles for SIP servers or proxies that handle SIP signal packets in the IP Multimedia Subsystem (IMS).
DBedit
A CLI tool that lets administrators make changes to objects in the Check Point databases. We recommend that administrators use the tool instead of when not using scripts.
Diameter
An authentication, authorization and accounting protocol that has many features not included in the legacy RADIUS protocol.
Diameter Application
An extension to the Diameter base protocol (as defined in RFC6733). Each application contains one or more commands and/or attributes. Applications are typically associated with an RFC.
DLP
Data Loss Prevention. Detects and prevents the unauthorized transmission of confidential information.
DPD
Dead Peer Detection. A methodology for the detection of a failed IKE peer. It can reclaim lost resources when a peer fails or trigger an IKE peer failover.
Drop
To not allow packets through the gateway, blocking the connection.
Event
1. A record of a security incident that is based on one or more logs, and on a customizable set of rules that are defined in the Event Policy. 2. In Media Encryption, a device connects to an endpoint computer. 3. In SmartLSM, an object with schedule settings for the Security Gateway to fetch its security policy. 4. In Endpoint Security, an object with schedule settings for Active and Standby server synchronization.
GGSN
Gateway GPRS Support Node. The main component of a GPRS network that is responsible for communication between the GPRS network and external, packet-switched networks, such as the Internet.
GPRS
General Packet Radio Service. A packet-oriented, mobile data service that works over Global System for Mobile Communication (GSM) networks.
GSM
Global System for Mobile Communications. An international standard that defines protocols for second generation digital cellular networks used by mobile phones.
GTP
GPRS Tunneling Protocol. A set of IP-based communication protocols that handle GPRS traffic over GSM, UMTS and LTE networks.
GuiDBedit
A graphical interface tool for administrators to change objects in Check Point databases.
HSPA
High Speed Packet Access. An improved third generation mobile communication protocol that significantly enhances data transfer. It is a combination of two protocols:
HSUPA - High Speed Uplink Packet Access
HSDPA - High Speed Downlink Packet Access
IKE
Internet Key Exchange. An Encryption key management protocol for IPSec that creates a shared key to encrypt and decrypt IP packets and establishes a VPN tunnel and Security Association.
IPS
Intrusion Prevention System. Check Point Software Blade that inspects and analyzes packets and data for numerous types of risks.
IPv4 embedded IPv6 address
An IPv6 address where the rightmost 32 bits are a valid IPv4 address.
LTE
Long Term Evolution. A fourth generation communication standard for high-speed wireless communication for mobile phone and data terminals. It is based on GSM and UMTS/HSPA network technologies.
PDP
Packet Data Protocol. A packet transfer protocol used in wireless GPRS/HSDPA networks.
Performance Pack
Check Point product that accelerates IPv6 and IPv4 traffic. Installed on Security Gateways for significant performance improvements.
PLMN
Public Land Mobile Network. A network established and operated by a recognized operating agency to supply land/mobile telephony and data services.
PSWT
Public Switched Telephone Network. A collection of public circuit-switched telephone network, including telephone lines, fixed lines, microwave transmission links, cellular networks, and satellite communication.
Remote Access Community
A group of computers, appliances, and devices that access, with authentication and encryption, the internal protected network from physically remote sites.
Remote Access VPN
An encryption tunnel between a Security Gateway and remote access clients, such as Endpoint Security VPN, and communities.
Rule
A set of traffic parameters and other conditions that cause specified actions to be taken for a communication session.
Rule Base
The database that contains the rules in a security policy and defines the sequence in which they are enforced.
SA
Security Association. A VPN tunnel where all hosts on one or more subnets are associated with the tunnel. By default, Check Point VPN tunnels are created between subnets, rather than hosts.
SCTP
Stream Control Transmission Protocol. A message-based, multi-streaming transport layer protocol commonly used in telephony applications.
Security Gateway
A computer or appliance that inspects traffic and enforces Security Policies for connected network resources.
Security Management Server
The application that manages, stores, and distributes the security policy to Security Gateways.
Security Policy
A collection of rules that control network traffic and enforce organization guidelines for data protection and access to resources through the use of packet inspection.
SGSN
Serving GPRS Support Node. The component of a GPRS network that is responsible for delivery of data packets to and from mobile stations in its geographical service area.
SIP
Session Initiation Protocol. A signaling protocol used for controlling multimedia communication sessions, such as voice and video calls over an IP network.
SmartDashboard
A Check Point client used to create and manage the security policy.
SmartEvent Server
Physical server that hosts the events database.
Software Blade
A software blade is a security solution based on specific business needs.
Each blade is independent, modular and centrally managed. To extend security, additional blades can be quickly added.
ThreatCloud Repository
A cloud database with more than 250 million Command and Control (C&C) IP, URL, and DNS addresses and over 2,000 different botnet communication patterns, used by the ThreatSpect engine to classify bots and viruses.
ThreatSpect Engine
A unique multi-tiered engine that analyzes network traffic and correlates data across multiple layers (reputation, signatures, suspicious mail outbreaks, behavior patterns) to detect bots and viruses.
UserCheck
Gives users a warning when there is a potential risk of data loss or security violation. This helps users to prevent security incidents and to learn about the organizational security policy.
UTMS
Universal Mobile Telecommunications System. A third generation, packet-based, mobile cellular technology for networks based on the GSM standard.
|
