---

---

UNCLASSIFIED Glossary  Version 1.0g  UNCLASSIFIED 229   8.4.  Glossary of Router Security-related Terms AAA Authentication, Authorization, and Accounting –   The advanced user access control and auditing facility in Cisco IOS 11 and 12.  (See also RADIUS and TACACS+) ACL Access Control List - See “Access List” Access List A set of rules that identify, permit, or restrict network traffic, usually based on addresses and other information from the packet headers.  Cisco IOS depends heavily on access lists for traffic filtering, access to router services, IPSec configuration, and more. AH Authentication Header – a part of IPSec, the packet format and protocol for IP integrity assurance services. (see also IPSec, IKE, ESP) ARP Address Resolution Protocol – link-layer protocol used for mapping from IP addresses to MAC addresses in LAN environments.  ARP is standardized in RFC 826.  (See also MAC Address, LAN, Proxy-ARP) ATM Asynchronous Transfer Mode – virtual-circuit oriented link layer protocol, used for network backbones, LANs, and telecommunications facilities.  (See also LANE) BGP Border Gateway Protocol – an advanced routing protocol mostly using on backbone routers.  BGP is standardized in RFC 1267. CBAC Content-Based Access Control – packet inspection system used for application firewall functionality in Cisco routers. CDP Cisco Discovery Protocol – a proprietary link layer protocol that Cisco routers use to identify each other on a network.   Not commonly used today. CEF Cisco Express Forwarding – a proprietary packet transfer technology used inside most Cisco router models. DHCP Dynamic Host Configuration Protocol – UDP-based protocol for assigning host network attributes, like IP addresses and gateways, on the fly.  DHCP is standardized in RFC 2131.