Technical Terminology and Disambiguation
The following table serves as a reference for the various abbreviations and technical terminology used throughout the site.
2FA | Two Factor Authentication: Something you know, e.g. a password, AND something you have, like a phone with a 2FA application, or an RSA Key fob. |
3-2-1 | 3-2-1: Industry rule applicable to backups which states that you should have 3 COPIES of your data, 2 COPIES on different storage media, and 1 COPY held off-site. |
3DES | Triple Data Encryption Standard: A method of encryption (168 bit). |
802.1x | An IEEE standard: Used for port based NAC (PNAC), typically uses one or more EAP, Certificates, or MSCHAPv2. |
AAA | Authentication, Authorisation, and Accounting: A security system in which Authentication proves who you are, Authorisation says what you can do, and Accounting logs what you have done. |
AAC | Advanced Audio Codec: A file format for storing music in ‘lossless’ quality. Used heavily by Apple. |
AAD | Azure Active Directory (Now called Entra ID). |
ACE | 1. Access Control Entry: One element of an ACL. 2. RSA ACE Server is the old name for RSA Authentication Manager. |
ACL | Access Control List: Rules applied on a network device that allow communication over numbered ports to and from certain IP addresses. |
ACS | Access Control System (used to be called Access Control Server), is the Cisco implementation of the TACACS+ AAA system. |
AD | Active Directory: Introduced with Windows Server 2000, this is Microsoft’s domain directory services role. |
ADAM | Active Directory Application Mode: This was replaced in Server 2008 with LDS |
ADC | Application Delivery Controller: For example, a Citrix NetScaler or F5 BigIP device that acts like a load balancer for applications and services. |
ADFS | Active Directory Federation Services: A software component developed by Microsoft that can run on Windows Server operating systems to provide users with single sign-on access to systems and applications. |
ADK | Windows Assessment and Deployment Kit: A suite of tools for customizing and deploying Windows operating systems, has replaced the WAIK. |
ADML | A file extension used for language files that are associated with an ADMX file. |
ADMX | A file extension used for files that can be imported into Microsoft Group Policy Objects. |
ADSL | Asymmetric Digital Subscriber Line: An Internet connection run over copper wire (usually a telephone line). It tends to have faster download than upload speed. |
AES | Advanced Encryption Standard 128, 192, or 256 bit. |
AH | Authentication Header: A member of the IPSec suite of protocols provides integrity and authentication of data packets. |
AHV | Acropolis Hypervisor is a native, enterprise-grade hypervisor developed by Nutanix. It is part of the Nutanix Acropolis software-defined storage and virtualization solution, which aims to provide a hyper-converged infrastructure (HCI) platform. |
AI | Artificial Intelligence, refers to the development of computer systems that can perform tasks that typically require human intelligence. |
AMD | Advanced Micro Devices: A company that makes microprocessors and CPUs. Main rival to Intel. |
AMP | Advanced Malware Protection: Anti Malware solution provided by Cisco Firepower. |
AP | See WAP |
API | Application Programming Interface: Allows software to talk to other software. |
ARM | Advanced RISC Machine: A ‘cut down’ processor used in mobile computing products |
ARP | Address Resolution Protocol: A network protocol used to translate physical addresses to IP addresses, and vice versa using RARP (Reverse ARP). |
AS | Autonomous System: An AS number is used with routing protocols (like EIGRP and OSPF), all routers that share information with each other in a group are members of the same AS number, (an AS number can be 1-65535). |
ASA | Adaptive Security Appliance: Range of Cisco firewalls. |
ASCII | American Standard Code For Information Interchange: (Pronounced ass-key). A method of transferring strings of characters digitally |
ASDM | Adaptive Security Device Manager: Web management console for Cisco firewalls running OS 7 and above. |
ASR | Aggregation Services Router: Cisco Routers used by enterprise size networks, and service providers. |
ATA | Advanced Technology Attachment: Used to connect drives to a computer. |
ATM | Asynchronous Transfer Mode: Used to move computer data, video, or audio over a network. It embeds the data in ‘cells’ which all travel along a fixed path to their destination. This differs from TCP/IP ‘packets’ which can travel over many different routes to their destination. |
AV | Anti Virus. |
AVC | Application Visibility and Control: Cisco solution to restrict and block traffic based on applications (OSI Layer 7) |
AVI | Audio Video Interleave: A File format used for video files. |
BBWC | Battery Backed Write Cache: A small power source that lives on a hardware RAID controller; the battery supplies power to the cache so that, in the event of power loss, information that is about to be written to disk is not lost. |
BIND | Berkeley Internet Name Daemon: DNS software commonly used in Unix and Linux distributions. |
BIOS | Basic Input Output system: This is bootable firmware that lives on most modern PCs and Servers. You access this before the OS loads, usually by pressing F1, F2, F10, or Esc. |
BIT | Binary Digit: Either a one or a zero, the smallest unit of digital storage and bandwidth. |
BITS | Background Intelligent Transfer Service: A system that uses idle bandwidth to download data (usually updates). |
BSOD | Blue Screen Of Death: Seen on a Windows Machine after a crash, if it has not been set to reboot in the event of a crash. It takes its name from the blue background and white text. (Also see PSOD). |
BSSID | Basic Service Set Identifier: A unique name that specifies a wireless access point or router. Used in an Infrastructure wireless network (See SSID and ESSID). |
BT | British Telecom, the largest ISP in the UK. |
BT Syndrome | You have an Internet problem, so you ring BT, they tell you they can’t see anything wrong, and magically it starts working while you are on the phone. |
BYOD | Bring Your Own Device: A name given to the practice of allowing employees and visitors access to a corporate network from their own personal devices, i.e. tablets, phones, and laptops. |
CA | Certification Authority: An entity that produces digital certificates. |
CAB | Change Advisory Board: Part of change procedure, it’s used to approve change requests, and discuss what to do if changes fail, or need to be rolled back, and what the impact of those changes may be. |
CAL | Client Access License: A License used to access server services, used a lot on Microsoft Networks where licenses are “per seat”, “per user”, or “per device”. |
CAS | Client Access Server: A role used by Microsoft Exchange server. A CAS server typically runs OWA and ActiveSync |
CBAC | Context-Based Access Control: Introduced on Cisco Routers and referred to as Classic IOS Firewall. It provides layer 4 and layer 7 stateful inspection. |
CCNA | Certified Cisco Network Associate: Entry level Cisco networking qualification. |
CCMP | Counter Mode/CBC-MAC Protocol: Security system that uses a 128 bit key for encryption. Seen on HP Wireless controllers. |
CCO | Cisco Connection Online: You can create a login free at Cisco to log into this service. Once set up, you can add valid support agreements to your account to enable you to get support and download updates. |
CCP | Cisco Configuration Professional: A Java based graphical management software tool for deploying and configuring Cisco Routers, and wireless access points etc. |
CCPA | California Consumer Privacy Act: A state statute intended to enhance privacy rights and consumer protection for residents of California, United States. |
CCR | Cluster Continuous Replication: Introduced in Exchange 2007, this provides a second copy of the exchange database that can be used in a disaster recovery situation. |
CD | Compact Disk |
CDA | Cisco Context Directory Agent: A small virtual machine that maintains mappings of users to devices, it gets this information from Active Directory or from Cisco ISE. |
CDP | 1. Cisco Discovery Protocol: Used to determine what network devices are on the other end of a network link (Cisco’s implementation of LLDP). 2. Certificate Distribution Point: Usually a file share, or a virtual directory in IIS that is used to hold a CRL. |
CGI | Common Gateway Interface: A method used to both generate dynamic web content, and pass information between a web server and a browser or application a visitor is using. |
CHAP | Challenge Handshake Authentication Protocol: Used to authenticate a remote user or host. |
CIFS | Common Internet File system: A Microsoft system for sharing files on a network that was developed from SMB. |
CLI | Command Line Interface: The command interface for various network devices, usually accessed by a console cable SSH or Telnet. |
CMC | Certificate Management over CMS: Is the transport protocol for CMS. |
CMOS | Complementary Metal Oxide Semiconductor: This is actually a technology used in integrated circuits, but some people still refer to a machine’s BIOS/RBSU as CMOS. |
CMP | Content Management Platform: A solution that allows you to provide web visitors with an option to save their advert and cookie preferences. |
CMS | Cryptographic Message Syntax: A standard for signing, encryption or authenticating data. |
CN | 1. Common Name: {digital certificates} When a digital certificate is signed by a CA, this proves the common name (the name presented on the certificate) is correct. 2. Common Name: {Active Directory AD} The name of an object in active directory i.e. “CN=Fred Bloggs”. |
CNAME | Canonical Name: A Type of DNS record that points to another record, it is also sometimes referred to as an ‘alias’ record. |
CODEC | COder-DECoder (or Compressor-DECompressor). A small piece of software that lets a computer “Understand” a particular video/audio encoding. |
COM | Communication Port: A serial communication port on a device, usually a 9 pin (or 25 pin on old equipment) socket. Or on networking equipment presented as a female RJ45 or female Mini USB socket. |
cPanel | cPanel is a suite of tools that a company hosting your website can provide you access to, to manage your own website. It is used on Apache web servers |
CPE | Customer Premise Equipment: Usually used with MPLS to describe the network device that is on customer premises. |
CPU | Central Processing Unit: The “Brain” and main chip that provides a machine’s number crunching capability. |
CRL | Certificate Revocation List: Is a list published by a CA for certificates that have been canceled or revoked. It uses OCSP. |
CRM | Customer Relationship Management: A system used primarily by sales, marketing, and customer services. It’s usually a database of customers and potential customers. |
CSC | Content and Security Control: A Plug in module for ASA 5510 and above platforms that provides scanning and anti spam facilities from an embedded Trend Micro Server. |
CSE | Client Side Extensions: A set of extra GPP settings built into Windows 7, (need to be manually installed on older versions of Windows). |
CSR | 1. Certificate Signing Request: A request sent to a CA to apply for a digital certificate. 2. Carrier Routing System: Cisco enterprise and ISP level routing system. |
CSV | Comma Separated Values: A common file format that can be opened by Microsoft Excel. Also used for importing and exporting bulk data. |
CSVDE | Comma Separated Value Data Export: A method of bulk importing or exporting data from a CSV file to perform a task – commonly used for bulk import/export of users or computers with AD |
CVE / CVE-ID | Common Vulnerabilities and Exposures: Provides a reference-method for publicly known information-security vulnerabilities and exposures. |
CVM | Controller Virtual Machine. It’s a virtual machine that runs on each node in a Nutanix cluster and serves as the brains of the system. The CVM handles various tasks related to managing and orchestrating the distributed storage, compute, and networking resources within the cluster. |
CVSS | Common Vulnerability Scoring System (CVSS) is a standard for assessing the severity of computer system security vulnerabilities. CVSS assigns severity scores to vulnerabilities, allowing responders to prioritise responses and resources according to threat. Scores range from 0 to 10, with 10 being the most severe. |
CX | Context: Terminology used by Cisco in their ‘Next Generation’ firewalls. A context is based on the identity of a user, what they are trying to access, when they are trying to access it, and how they are accessing it. |
DAC | Direct Attach Cable: Is a type of cable used in networking for connecting devices over short distances, typically within a data center or between closely located networking equipment. DAC cables are commonly used in high-speed networking environments where low latency and high bandwidth are crucial. |
DAG | 1. Database Availability Group: A system used by Microsoft Exchange to maintain database availability by keeping copies of the mail database(s) on different mail servers. 2. Duo Authentication Gateway: A standalone authentication solution that provides MFA for applications like Office 365 and Salesforce. |
DB | Database |
DC | Domain Controller: The logon server that’s present in Microsoft Server domains. Also Data Center. |
DDOS | Distributed Denial Of Service Attack: A DOS attack from multiple machines, usually innocent user computers that have been compromised with spyware. |
DER | Distinguished Encoding Rules: A set of rules to govern the format and layout of information within a digital certificate. |
DES | Data Encryption Standard: A method of encryption (56 bit) that is considered very weak for modern communication – in 1999 it was broken in 22 hours and 15 minutes by the EFF. |
DH | Diffie Hellman: A system used to swap keys securely over a public network. |
DHCP | Dynamic Host Configuration Protocol: A method used to lease an IP address to a device so it can communicate on a network. |
DISM | Deployment Image Servicing and Management: is a command-line tool that is used to service and prepare Windows images, including Windows Setup, Windows PE (Windows Preinstallation Environment), and Windows Recovery Environment (Windows RE). DISM can be used to install, uninstall, configure, and update the features and packages in Windows images. It is an essential tool for system administrators and IT professionals for managing Windows installations. |
DMVPN | Dynamic Multipoint Virtual Private Network: A solution to build dynamic GRE tunnels to multiple sites with NHRP. |
DMZ | De-Militarised Zone: A network segment attached usually to a less secure network, traditionally the home of web servers and edge servers. |
DNA | Cisco Digital Network Architecture: (Cisco DNA) is Cisco’s architecture for enterprise networks. As Cisco push towards Software Defined Networking, the plan is to have singular GUI management, with automation and security built in. That’s the drive behind Cisco DNA. |
DN | Distinguished Name: The complete path to an object in Active Directory |
DNS | Domain Name system: The system that translates network names into IP addresses. |
DNSBL | DNS based Block List (or Black-hole List, depending on what documentation you read): A dynamic list of known email spammers. |
DOS | 1. Disk Operating System: Very basic operating system, an example is Microsoft MSDOS. 2. Denial of Service: An attack on a networked system designed to slow it down, impede it, or take it Offline. |
DRAC | Dell Remote Access Card: Similar to an iLO on a HP server or an IMM on a Lenovo server. Allows remote ‘console’ access to the server. |
DRS | Distributed Resource Scheduler (DRS) is a feature of VMware vSphere, a virtualization platform. DRS dynamically balances computing workloads across a cluster of VMware ESXi hosts. It monitors resource usage such as CPU, memory, disk, and network utilization across the hosts in the cluster and automatically migrates virtual machines (VMs) from one host to another to optimize resource usage and performance. |
DS | Directory Services: Using a central repository of network assets for management |
DSL | Digital Subscriber Line: A network connection, usually to the Internet, the speed of traffic “down” is usually fast, and the speed of traffic “up” is slow, this makes it ideal for home Internet connections. |
DSN | Data Source Name: Usually used with ODBC connections these refer to a data source (usually a database) |
DSRM | Directory Services Restore Mode: A special mode a domain controller can be booted into, so that active directory can be restored, and the restoration be replicated to other domain controllers safely. |
DTP | Dynamic Trunking Protocol: A Cisco proprietary protocol for negotiating trunking on a link between two VLAN aware switches. |
DVD | Digital Versatile Disk or Digital Video Disk |
DVDROM | Digital Versatile Disk or Digital Video Disk Read Only Memory |
DVI | Digital Visual Interface: Connector used for PC Monitors typically white, replaced the older RGB connector |
DWDM | Dense Wavelength Division Multiplexing: Multiplexing means sending more than one signal over a given medium (connection). DWDM achieves this using optical technology to enable multiple information streams to use one single optical link. |
EAP | Extensible Authentication Protocol: Used both with wireless protocols like WPA, and as part of the PPP suite of protocols. |
ECC | Error-Correcting Code Memory: Typically more expensive than normal RAM, it uses a parity system to error check corruption in the data it holds. |
ECDH | Elliptical Curve Diffie Hellman: An anonymous key agreement protocol used in cryptography. |
ECDSA | Elliptical Curve Digital Signature Algorithm. |
ECP | Exchange Control Panel: Web based administrative console for Exchange, it was brought in with Exchange 2010. With Exchange 2013 the Exchange Administrative Center runs from the same location. |
EDNS | Extension mechanisms for DNS: Essentially DNS but in network packets greater than 512KB |
EFF | Electronic Frontier Foundation: Non profit US organisation. |
EIGRP | Enhanced Interior Gateway Routing Protocol: Cisco proprietary distance vector routing protocol. Routers share their routing information with neighbouring routers in a logical area called an autonomous system. |
ELA | Enterprise License Agreement with VMware: An ELA is a contractual agreement between VMware and an organization that allows the organization to use VMware products and services within the terms and conditions outlined in the agreement. |
EMC | Exchange Management Console: The Graphical user management console for Microsoft Exchange. |
ePO | e Policy Orchestrator: McAfee’s product for managing deployment and updates to its anti virus products. |
EPT | Extended Page Tables: A technology used by Intel VT-x for CPU virtualization. |
ESMTP | Extended Simple Mail Transfer Protocol (SMTP): As users wanted to send extra data attached to their emails, this system was developed to let that happen. It lets a client and mail server negotiate what capabilities they can use. |
ESP | Encapsulation Security Payload: A member of the IPsec suite of protocols, it provides authenticity, integrity and confidentiality of data packets. |
ESSID | Extended Service Set Identifier is an SSID used in ad-hoc networks |
ESX | Originally stood for Elastic Sky. ESX is VMware’s hypervisor virtualisation server platform, developed from GSX. The i in ESXi is for “Integrated”, and it can be run from a flash drive or chip on a PC/Server. |
EULA | End User License Agreement: the legal contract between the user and the person/company who has produced some software. Typically the EULA is the section in an install where you tick “I Agree..”. |
EVE-NG | Emulated Virtual Environment (Next Generation): A brilliant piece of software for labbing virtual network devices, for testing, proof of concept, or just education. |
F5 | F5 Inc: Formerly F5 Networks, a company that makes Application Delivery Controllers, which everyone (much to the annoyance of F5) refers to as load balancers. |
FAT | File Allocation Table: A disk partitioning system typically used with older Microsoft Operating Systems. It is still used for partitioning of USB and flash media. |
FDM | Firepower Device Manager: Web based management GUI for managing an FTD device locally. |
FEP | Forefront Endpoint Protection: Microsoft’s Client AV solution released 2010 |
FIPS | Federal Information Processing Standards: A set of standards to describe document processing, encryption algorithms and information technology standards for use within non-military government agencies. |
FMC | Firepower Management Center: An appliance used to manage and deploy configurations to Cisco ASA FirePOWER, and FTD Devices. |
FPR | Firepower: Used to denote Cisco Firepower range of appliances. |
FQDN | Fully Qualified Domain Name, usually a PC or server-name followed by the domain DNS name i.e. server1.petenetlive.com |
FSMO | Flexible Single Master Operation: pronounced “Fiz-mo” These are 5 roles held by Active Directory domain controllers. |
FSRM | File System Resource Manager: Introduced with Server 2008 R2, this server role handles file quotas and screening rules. |
FSSO | Fortinet Single Sign-On (FSSO), formerly known as FortiGate Server Authentication Extension (FSAE), is the authentication protocol by which users can transparently authenticate to FortiGate, FortiAuthenticator, and FortiCache devices. |
FTD | Firepower Threat Defence: The operating system that runs on newer Cisco firewalls, it provides AMP, AVC, NGFW, IDS/IPS, URL filtering and stateful firewall capabilities. |
FTP | File Transfer Protocol: As the name suggests, a protocol for transferring files over a network; it uses TCP port 21. |
FTTC | Fibre to the Cabinet: An Internet connection that provides a fibre optic cable from either a telephone exchange (Or Comms distribution point), to the cabinets that are in the street. From the cabinet to the home/business will usually be standard copper (POTS) cable. |
FTTH | Fibre to the Home: An Internet connection that provides a fibre optic cable from either a telephone exchange (Or Comms distribution point), directly to a consumer’s home or place of business. |
GAL | Global Address List: Used on a Microsoft Exchange server, this is a list of email addresses generated by the server that clients can search. |
GB | Gigabyte: Giga means 10 to the power 9, or 1,000,000,000 bytes, however in computing terms we work in binary so it works out as 2 to the power 30, which equals 1,073,741,824 bytes. |
Gbps | Gigabits per second (a bit is one binary digit (0 or 1); there are 8 bits in one Byte). |
GCM | Galois/Counter Mode (GCM): An encryption method that’s usually used with AES and is very fast. It provides authenticity and confidentiality so it’s NOT used with a hashing algorithm. |
GDOI | Group Domain Of Interpretation: A group of network devices that maintain a common set of VPN/ISAKMP settings from a central ‘key server’. |
GDPR | The General Data Protection Regulation: A regulation in EU law on data protection and privacy in the European Union and the European Economic Area. |
GIMP | GNU (A Unix style free OS and software distribution) Image Manipulation Program. Free image processing program that I use instead of Photoshop. |
GMAC | Galois Message Authentication Code (GMAC) is an authentication-only variant of the GCM protocol |
GNS3 | Graphical Network Simulator: Is open source network simulation software, for replicating routers and network equipment. |
GOLR | Gateway Of Last Resort: On a router this is the equivalent of a default gateway. If no other routes in a routers routing table match the traffic, this is where it will get sent. |
GPO | Group Policy Object: This is a template used to lock down or enforce a policy on a computer or a user. |
GPP | Group Policy Preference: Brought in with Windows Server 2008, designed to complement GPO network management. |
GRE | Generic Routing Encapsulation: A Cisco protocol for encapsulating other protocols over a network. |
GRT | Granular Recovery Technology: A term used by Symantec to describe their backup technology, that lets you restore a single item from a large backup job, e.g. one email from an Exchange backup, or one user from Active Directory. |
GSX | From its development name, GSX is VMware’s Ground Storm Virtualisation platform; it was replaced by ESX. |
GUI | Graphical User Interface. |
GUID | Global Unique Identifier: Used to identify active directory objects, and also a hard coded serial number built into computers so they can be identified on a network when they PXE boot. |
GVE | Global Virtual Engineering: A division of Cisco that helps Cisco Partners with technical questions. |
HA | High Availability: An attribute given to a VMware cluster so that if any ESX host fails, its guest machines automatically get migrated to another host. Also the term used to describe multiple Exchange databases deployed for fail-over. |
HBA | Hardware Bus Adaptor: An HBA is a circuit board or expansion card that physically connects a host system, such as a server, to internal and/or external storage, such as hard disk drives (HDDs), Solid State drives (SSDs), and external storage enclosures. |
HCI | Hyper-Converged Infrastructure. It’s a software-defined IT infrastructure that integrates compute, storage, and networking into a single, unified system. In traditional data centers, these components are typically managed separately, often requiring specialized hardware and complex configurations. HCI simplifies this by leveraging software-defined technologies to abstract and pool resources from standard, commodity hardware. |
HCL | Hardware Compatibility List: A List of hardware that is certified for use with certain versions of software. For example VMware produce an HCL for all Vendors hardware that has been tested with each version of its software. |
HDD | Hard Disk Drive. |
HDMI | High Definition Multimedia Interface: Method for sending digital video and sound signals, used for TV’s, Monitors, and digital cameras. |
HIPS | Host Intrusion Detection System: A software package which monitors a single host for suspicious activity, by analysing events occurring within that host. |
HSRP | Hot Standby Routing Protocol: A Cisco protocol that provides a fault tolerant default gateway solution. |
HTML | Hyper Text Markup Language: Is a language used to create documents on the world wide web. |
HTPC | Home Theatre Personal Computer. |
HTTP | Hyper Text Transfer Protocol: Traditionally the protocol of web pages, runs over TCP port 80, however multiple vendors abuse this by trying to get their software to run on the same port as this port is usually open on corporate firewalls. |
HTTPS | Hyper Text Transfer Protocol Secure: This is web traffic that is secured, using SSL |
IAB | The Interactive Advertising Bureau is an advertising business organization that develops industry standards, conducts research, and provides legal support for the online advertising industry. |
IAS | Internet Authentication Server: Microsoft Implementation of RADIUS |
ICMP | Internet Control Message Protocol: Part of the IP suite of protocols, ICMP is used to send errors and connection states. |
IDE | Integrated Drive Electronics: It is a standard interface used for connecting storage devices such as hard drives and optical drives to a computer’s motherboard. IDE, also known as ATA (Advanced Technology Attachment), integrates the drive controller directly into the drive itself, simplifying the connection process and improving data transfer speeds compared to earlier standards. |
IDS | Intrusion Detection System |
IE | Internet Explorer: Microsoft’s OLD web browser. |
IEEE | Institute of Electrical and Electronics Engineers (or IEEE-SA Standards Association) : Set Standards for IT and Telecoms (amongst others). |
IESC | Internet Enhanced Security Configuration: A tighter set of browser settings applicable to a Windows Server. |
IETF | Internet Engineering Task Force: Develops and promotes Internet Standards |
IIS | Internet Information Server: The Microsoft web server platform, included with Windows server systems. |
IKE | Internet Key Exchange: A protocol used to set up SA’s in the IPsec protocol |
iLO | Integrated Lights Out: Lets you connect to the console of a HP Proliant Server, even if it’s powered off. The iLO is presented as a standard RJ45 network socket on the back of the server. |
IMAP | Instant Message Access Protocol: Method of retrieving messages from a mail server, runs over TCP port 143. |
IMHO | In My Humble Opinion. |
IMM | Integrated Management Module: Seen on IBM X Series Servers (now Lenovo). This is similar to a HP iLO or a Dell DRAC. |
IOPS | Input / Output Operations per second: A figure used by storage vendors to showcase how great their storage is. |
IOS | Internetwork Operating System: OS used by Cisco devices and Apple Devices. |
IP | Internet Protocol: A protocol for communicating across a switched network (like the Internet). |
IPS | Intrusion Protection System |
IPSEC | Internet Protocol Security: A suite of protocols for securing IP communications. |
IPv4 | IP Version 4: IP addressing scheme which can have 2 to the power 32 (4,294,967,296) possible addresses. |
IPv6 | IP Version 6: Replacing IPv4, IPv6 uses 128-bit addresses, for an address space of 2 to the power 128 (approximately 340 undecillion or 3.4×10 to the power 38). |
IQN | iSCSI Qualified Name. Is a unique identifier used in iSCSI (Internet Small Computer System Interface) networks to identify specific resources such as storage targets or initiators. |
ISA | Microsoft Internet Security and Acceleration Server: replaced MS Proxy 2.0, it provides web proxy services and Enterprise Firewall capabilities. |
ISAKMP | Internet Security Association and Key Management Protocol: A system for establishing Security Association and secure keys, usually used for VPN communication. |
iSCSI | Internet Small Computer System Interface: System used to carry SCSI commands over an IP network, used for small SAN infrastructures. |
ISE | (Pronounced ICE) Identity Services Engine: A Cisco product, it’s a security policy management & control platform that automates and simplifies access control, and security compliance for wired, wireless, and VPN connectivity. Cisco ISE is primarily used to provide secure access and guest access, support BYOD initiatives, and enforce usage policies in conjunction with Cisco TrustSec. |
ISO | A type of file format that’s used for storing CD/DVD Images, it takes its name from the International Organization for Standardization. |
ISP | Internet Service Provider: The Person or company that provides a link to an external network (usually the Internet). |
ISR | Integrated Services Router: A series of Cisco Routers used by small to medium sized customers. |
IV | Initialization Vector: Used in cryptography, it’s a ‘fixed size’ input. |
IWSS | Inter Scan Web Security Suite: A suite of products by Trend Micro, for AV and URL filtering. |
JNLP | Java Network Launching Protocol: Used to deliver “Java Web Start” and run an application from a web server. |
JRE | Java Runtime Environment is software that Java programs require to run correctly. Java is a computer language that powers web and mobile applications. |
JSON | JavaScript Object Notation: Open standard file format, and data interchange format, that uses human-readable text to store and transmit data objects consisting of attribute–value pairs and array data types. It is a very common data format. |
Kb | Kilobit: 1 kilobit = 10 (to the power 3) bits = 1000 bits |
KB | Kilo means 10 to the power 3, or 1,000 bytes, however in computing terms we work in binary so it works out as 2 to the power 10, which equals 1,024 bytes. |
KMS | Key Management Server/Service: With the release of Windows Vista/2008 Microsoft changed their software license method. Previous VLK keys were replaced by both MAK and KMS Keys. Software with a KMS key must get its activation from a KMS server (installed on its local network) every 180 days. |
KVM | 1. KeyBoard/Video/Monitor: Device fitted to multiple computers/servers to allow interaction from a single keyboard, monitor and mouse. 2. Kernel-Based Virtual Machine: A Linux based virtualisation/hypervisor. |
L2TP | Layer Two Tunneling Protocol: Developed from PPTP, used to authenticate remote VPN clients. |
LACP | Link Aggregation Control Protocol: A protocol that allows you to bundle together more than one network link and treat it as if it is one link. |
LAN | Local Area Network: A computer network that connects multiple PC’s to each other and local resources. Also the inside port on a router or firewall. |
LAPS | Local Administrator Password Solution: Microsoft Software used to periodically change the local administrator password on machines and set them differently, as defined in Group Policy. Those passwords are then stored securely in AD. |
LBFO | Load Balancing and Fail Over: New with Server 2012, this provides NIC teaming/aggregation and standby NIC support. |
LDAP | Lightweight Directory Access Protocol: Designed for accessing and editing directories over an IP network, Microsoft LDAP commonly runs over TCP port 389 |
LDAPS | Secure LDAP, usually over TCP port 636, and secured by a PKI certificate. |
LDS | Lightweight directory Services: A small subset of AD that’s used for applications, (on versions of Windows before 2008 it was called ADAM) |
LLDP | Link Layer Discovery Protocol: Similar to Cisco’s CDP, this is a vendor-neutral protocol designed to tell you what devices are directly connected to you at the ‘other-end’ of a network link. |
LLMNR | The Link-Local Multicast Name Resolution: A protocol based on the DNS packet format that allows both IPv4 and IPv6 hosts to perform name resolution for hosts on the same local link. |
LTM | Local Traffic Manager: A licensed feature on an F5 ADC/Load Balancer |
LTO | Linear Tape Open: A standard of magnetic tape storage, developed by Quantum/Seagate. Commonly used by HP, IBM and Certance |
LUN | Logical Unit Number: used in SAN storage, each piece of “storage” is represented by a LUN that’s presented to other devices on the storage network/fabric. |
LXC | Linux Containers (LXC) is a lightweight virtualization technology that allows you to run multiple isolated Linux systems (containers) on a single Linux host. Unlike traditional virtualization methods where each virtual machine (VM) runs its own complete operating system, containers share the host system’s kernel and, in some cases, parts of the operating system, making them more lightweight and efficient. |
M4A | MPEG 4 Audio: Essentially an MP4 file that is audio and not multimedia. Used by Apple and iTunes. |
MAB | MAC Address bypass: Not all devices support 802.1x authentication, so MAB is enabled for those devices to bypass normal authentication |
MAC | Media Access Control: The “Burned in” hardware address used on all Ethernet network devices. |
MACSEC | MAC Security Standard is the common name for IEEE Standard 802.1AE. It provides ‘point to point’ encryption at layer 2 of the OSI model (Data Link layer) |
MAK | Multiple Activation Key: A Microsoft software unlock code, designed to be used multiple times. Took over from a VLK key, it’s either entered manually, from a script or unattended file, or using the VAMT tool. |
MAPI | Messaging Application Programming Interface: A Set of standards and instructions that allow programs to talk to Microsoft Mail applications like Exchange Server. |
Mb | Megabit: 1 megabit = 10 (to the power 6) bits = 1000000 bits = 1000 Kb |
MB | Megabyte: Mega means 10 to the power 6, or 1,000,000 bytes, however in computing terms we work in binary so it worked out as 2 to the power 20, which equals 1,048,576 bytes. |
MD5 | Message digest algorithm 5: Produces a fixed 128 bit hash commonly used to check integrity of files |
MFA | Multi Factor Authentication: Multi-factor Authentication (MFA) is an authentication method that requires the user to provide two or more verification factors to gain access to a resource. |
MITM | Man In The Middle: A type of attack, where the attacker sits in “plain sight” and pretends to be something you would trust, like a wireless access point, or a website. |
MKV | Matroska Files: these are video files, similar to AVI files, but with extra features. |
MMC | Microsoft Management Console: A front end that accepts various “Snap ins” for managing items in a windows environment. |
MOVE | Management for Optimized Virtual Environments: McAfee AV solution for Virtual machines and VDI environments. |
MP3 | MPEG-1 Audio Level 3: A popular format for storing and playing digital music. |
MP4 | MPEG-1 Audio Level 4: A popular format for storing and playing digital video, audio, images, animations and menus. |
MPEG | Moving Picture Expert Group |
MPF | Modular Policy Framework: A system for applying policies on a Cisco Firewall, they can be applied globally or per interface. |
MPLS | Multi Protocol Label Switching: Solution that routes traffic based on a ‘Label’ that gets injected into the packets. |
MSA | Modular Storage Array: A range of SAN devices by Hewlett Packard |
MSDOS | Microsoft Disk Operating System: what we had from Microsoft before Windows. Still seen on older Novell Servers. |
MSCEP | Microsoft version of SCEP |
MSCHAP | The Microsoft Implementation of CHAP |
MSDE | Microsoft SQL Desktop Edition: A cut down version of Microsoft SQL Server, that is free. Has now been replaced by SQL Express. |
MSDN | Microsoft Developer Network. |
MSI | Microsoft Installer File: A type of file extension that denotes a piece of setup software for an application, the advantage of .msi files is that they can be installed on clients via GPO |
MSM | Multiservice Mobility Controller: An HP Product Line of Wireless Controllers. |
MSP | Managed Service Provider: Managed services is the practice of outsourcing the responsibility for maintaining, monitoring, support, response and escalation of problems on behalf of a client. |
MTU | Maximum Transmission Unit: The maximum size (in bytes) that a single packet can be, for transmission over a network. |
MX | Mail exchanger record: Is a DNS record that is used so that someone can query a domain to find the name/address of its mail server. |
NAC | Network Access Control: A more generic (non Microsoft) form of NAP. May or may not be used to ‘Posture Assess’ a network client based on AV status, Updates, HIPS, or Certificate information etc. |
NAP | Network Access Protection: A Microsoft technology for controlling network access based on policies. |
NAS | Network Attached Storage: Hard drive storage that’s presented to a network with its own address. |
NAT | Network Address Translation: Translating many IP addresses to few IP addresses. |
NDES | Network Device Enrollment Service: The name given to the Microsoft Server role that replaced MSCEP/SCEP. It’s a service that allows network devices to enroll for digital certificates. |
NDR | Non Delivery Report: Produced by a mail server, and sent to the sender, when an email cannot be delivered. |
NetBIOS | Network Basic Input/Output System: Is NOT a networking protocol, it’s an API, can be likened to DNS insofar as it maps names to IP addresses. |
NetBEUI | NetBIOS Extended User Interface: A networking protocol developed by IBM and Microsoft in 1985 that is used for workgroup-size LANs with up to 200 stations. NetBEUI is an extension of NetBIOS. |
NFR | Not For Resale: Software or Hardware supplied by a vendor, (usually to a reseller) to use for demonstration, test or training purposes. |
NFS | Network File System: Developed by Sun Microsystems, this is a protocol for allowing a client to access files on a shared datastore/system, currently at version 4 and is defined in RFC 3530. |
NGFW | Next Generation Firewall: A term used to describe a firewall that can perform inspection up to layer 7, and provide other services like anti-malware, URL filtering and IDS. |
NGINX | Pronounced Engine-X (or En-jinks): It’s an open source (high performance) software, for web servers, reverse proxies, and load balancing. |
NHRP | Next Hop Resolution Protocol: A protocol which lets network endpoints know what the ‘real’ IP address of the ‘next hop’ to a destination is, e.g. If a router asks the NHS server ‘I need to build a tunnel to 192.168.0.100’ it will reply with ‘The public IP address of that site is 123.123.123.123’. |
NHS | Next Hop Server: Usually a router running NHRP, this device tells remote sites where their ‘Next Hop’ is to establish a GRE Tunnel in a DMVPN environment. |
NIC | Network Interface Card: The device that connects a PC/Server to a network this can be wired or wireless. |
NNTP | Network News Transfer Protocol: An old protocol used for posting usenet articles runs on TCP port 119 |
NPAPI | Netscape Plugin Application Programming Interface. |
NPS | Network Policy Server is the Microsoft implementation of a Remote Authentication Dial-in User Service (RADIUS). |
NSE | The Fortinet Network Security Expert (NSE) program is an eight-level training and certification program that is designed to provide interested technical professionals with an independent validation of their network security skills and experience. |
NSEL | NetFlow Secure Event Logging |
NSX | Does not stand for anything! It’s the next iteration of the VMware virtualisation platform ESX, common opinion is the ‘N’ denotes network. |
NTFS | New Technology File system: Introduced with Windows NT4, a method of securing files on storage media. |
NT | New Technology: Released as Windows NT 3.1 (1993). The most well known is Windows NT4 (1996). It’s still a system in use today (Windows 7 and Server 2008 R2 is denoted as NT 6.1). |
NTLM | NT LAN Manager: A Microsoft suite of protocols that provide authentication, integrity and confidentiality. |
NTP | Network Time Protocol: Used to synchronise system clocks on network devices. It runs over UDP port 123. |
NVRAM | Non-Volatile RAM: A term usually used with routers to describe RAM that contains information that will not be lost when the device is powered off, these days we would call it flash memory. But you will still see this term used in router documentation. |
OAB | Offline Address Book: Generated by Microsoft Exchange Server and downloaded to Microsoft Outlook clients for use in cached mode. |
OCSP | Online Certificate Status Protocol: Used by a CA to answer certificate revocation requests. |
ODBC | Open Database Connectivity: A standard method of accessing a database. Usually configured on a client that has software that needs a database ‘back-end’ on another server or machine. |
OEM | Original Equipment Manufacturer: Someone who produces computer equipment that comes pre-bundled with a Windows operating system. Note: A Windows OEM code will NOT work on Volume Licensed Software |
OOBE | Out Of Box Experience: The name Microsoft gives to the process you go through when you first setup a copy of Windows. |
OS | Operating System: The software between the hardware and you, on a PC it would be Windows or Linux, on a Hardware device it is probably vendor specific i.e. Cisco ASA OS 7.2(2) |
OSI | Open Systems Interconnect: Is a conceptual model used to teach/design and build networked systems. It is a seven layer model; 1. Physical. I memorise the layers using the following mnemonic: Please, Do, Not, Throw, Sausage, Pizza, Away. |
OSPF | Open Shortest Path First: An ‘interior’ routing protocol for IP networks. It is a ‘link state’ protocol that groups networks into groups called AS groups. |
OTP | One Time Password: Used in cryptography to obtain a certificate. |
OU | Organisational Unit: This is a container used in Directories like Active Directory or Novell Directory Services, can be used to hold directory objects like users, servers or printers etc. They can also be used to apply GPO |
OVA | Open Virtualisation Appliance: A packaged OVF folder, (compressed via TAR). |
OVF | Open Virtualisation Format: A method of “Transporting” virtual machines, used so that they can be made “Portable”. Normally packaged into an OVA File. |
OWA | Outlook Web Access: The web front end to Microsoft Exchange. After Exchange 2010 this is now called Outlook Web App. |
P2V | Physical to Virtual: The act of converting a real machine to a virtual one. |
PAK | Product Activation Key: a License key used by Cisco, to enable/add features to a Cisco device. |
PAP | Password Authentication Protocol: Used to authenticate users before network access is allowed. |
PAT | Port Address Translation: Translating many IP addresses to a single IP address (Used on Cisco firewalls for port forwarding). |
PCL | Printer Control Language: Is a command language that is used with printer drivers so that applications can send data to a printer. |
PCoIP | Created by a firm called Teradici, it is a similar protocol to RDP, insofar as it lets you view the desktop of a remote machine and interact with it. It’s the preferred protocol to use with VMware View (after version 4.6). |
PDC | Primary Domain Controller: Used in Windows NT4 environments, though now in new Active Directory you will still have a domain controller that holds the PDC Emulator FSMO role. |
PDF | Portable Document Format: Usually opened with Adobe Acrobat (though other PDF readers exist). |
PDM | PIX Device Manager: Web management console for Cisco firewalls running OS 6 and below. |
PEAP | Protected Extensible Authentication Protocol: Takes normal EAP traffic and encapsulates it in a secure TLS tunnel. |
PEM | Privacy Enhanced Mail: A format for showing a digital certificate, can be sent via email or pasted into a device’s configuration. |
PERC | PowerEdge Expandable RAID card: Dell’s name for its server RAID cards. |
PFS | Perfect Forward Secrecy is a method by which new keys are generated, each new key is mathematically linked to the key that came before it, the prior key being a “Grandfather” key. With PFS enabled this link is broken, so a key cannot be forward/reverse engineered to guess a previous/new key value. Every new negotiation produces a new fresh key. |
PFX | Personal Information Exchange Format: File format that enables the transfer of certificates, (and their private keys) from one computer to another, or to removable media. |
PHP | PHP: Hypertext Processor (confusing eh? The first word of the acronym is the acronym, this is called a recursive acronym). It’s an embedded scripting language commonly used in HTML. |
PID | Process Identifier: The number allocated to processes on a computer running an OS like windows or UNIX. |
PING | Ping is a command utility that uses the “echo request” part of the ICMP suite of communications protocols, it is used to test network connectivity and the “round trip” time packets take over a network. |
PIX | Packet Internet eXchange: Cisco’s firewall platform before the ASA was released. |
PKCS | Public Key Cryptography Standards: A set of encryption and crypto standards published by RSA. |
PKI | Public Key Infrastructure: A system that uses public and private keys for cryptography. Commonly used for digital certificates. |
POE | Power Over Ethernet: A method of delivering electric power over a network cable. Used to power devices like IP Phones and Wireless Access Points |
POODLE | Padding Oracle On Downgraded Legacy Encryption: A ‘Man in the Middle’ SSL Exploit that forces communication over SSLv3. Once done the attacker can initiate multiple SSL connections and decrypt the data. Note: In December 2014, it was discovered were also susceptible to POODLE attacks on TLSv1.0 and TLSv1.2. |
POP | Post Office Protocol: Method for retrieving mail from a public mail server runs over TCP port 110 |
POTS | Plain Old Telephone System. |
PPP | Point to Point Protocol: This is a communication protocol that is designed to establish a link between two places, it provides authentication, encryption and compression. |
PPPoA | Point to Point Protocol over ATM: This is a communication protocol that uses PPP and places , it’s commonly used with ADSL routers. |
PPPoE | Point to Point Protocol over Ethernet: This is a communication protocol that uses PPP and places that information into normal Ethernet frames, it’s commonly used with DSL and FTTC connections. |
PPTP | Point to Point Tunneling Protocol: Used to establish a VPN tunnel it runs in IP protocol 47 and TCP port 1723. |
PRF | Pseudo Random Function: A system used in modern cryptography, that allows information to be exchanged securely across an insecure network. |
PRISM | Nutanix Prism is a comprehensive management solution provided by Nutanix for their hyperconverged infrastructure (HCI) platforms. It serves as a centralized management interface that allows administrators to efficiently manage, monitor, and optimize their Nutanix environment. |
PRSM | Cisco Prime Security Manager: A Management platform for Cisco Next Generation firewalls and CX devices. |
PSOD | Pink Screen Of Death: Seen on VMware servers after a crash (like a Windows BSOD only the screen background is pink). |
PST | A Microsoft Personal Folder File: Usually used by Microsoft Outlook to store mail locally in a file. These can go corrupt/get deleted and cause loss of data, which unlike the data in your email server may not be backed up! |
PSTN | Public Switched Telephone Network: Old fashioned phone system sometimes referred to as POTS |
PuTTY | A free popular SSH/Telnet and terminal emulation software. |
PXE | Pre eXecute Environment: A system in modern PC’s that enable them to be booted from their NIC. |
QoS | Quality of Service: Is the description or measurement of the overall performance of a service, such as networking throughput, or storage performance. |
R2 | Release 2 (or Second Release), used by Microsoft for major OS releases e.g. Windows Server 2003 R2 and Windows Server 2008 R2 |
RA | 1. Registration Authority: Used on a CA Server running SCEP/MSCEP/NDES. 2. Remote Access: When used with VPN terminology. |
RAID | Redundant Array of Independent Disks (or Inexpensive Disks depending on who you are talking to). This is a blanket term, for any method of presenting multiple physical disks, and making them appear as a single piece of storage. |
RADIUS | Remote access Dial In User System: A method of authenticating access to a network. |
RAM | Random Access Memory: Or volatile memory, provides a PC/server with short term high speed memory. |
RARP | See ARP |
RBAC | Role Based Access Control: Used with Exchange 2010, makes delegating Exchange tasks easier. |
RBL | Relay Block List / Realtime Black-hole List: A dynamic list of IP addresses and host-names that have been suspected/reported as being either an open relay, or are generating spam. |
RBSU | ROM Based Setup Utility: Typically found on HP Servers the RBSU is a small BIOS chip for holding the system settings. |
RC4 | Is a cypher developed by RSA; it is easily broken by modern computers, thus considered insecure. |
RD | Remote Desktop, See RDP |
RDP | Remote Desktop Protocol: A Microsoft protocol that allows the desktop of one machine, to be shown on another machine over a network, can be used for remote assistance, remote administration, or Terminal Services. Runs over TCP port 3389 |
RDS | Remote Desktop Services the new name in Windows 2008 for Terminal Services (TS). |
RDX | Removable Disk Storage/Backup System (No I don’t know why it has an X!) a Hard Drive based backup solution that behaves like a tape drive. |
RFC | Request For Comments: These are a collection of memorandums published by the IETF as a method of trying to standardise communication standards and protocols. |
RGB | Red Green Blue: 15 pin video cable connector (typically blue in color). Used for Monitors and projectors. |
RIP | Routing Information Protocol: A distance vector IP routing protocol. It works by calculating the number of ‘hops’ to a destination, because of this it does not scale well. |
RIS | Remote Installation Services: Introduced in Windows 2000, system for deploying (imaging) PC’s and Servers from a central Windows Server (Replaced by WDS). |
RISC | Reduced Instruction Set Computer: A CPU architecture that is small and fast because it only runs a smaller set of commands. |
RJ45 | Registered Jack 45: Is a standard 8 pin network connection. |
RODC | Read Only Domain Controller (Server 2008 only). A domain controller with a “Read Only” database, it caches credentials rather than storing them in case it is stolen. |
ROM | Read Only Memory: Memory that can not (normally) be written to i.e. CD ROM. |
ROMMON | ROM Monitor, is a low level bootstrap program used on Cisco devices to check and initialise the hardware then load the operating system. |
RPC | Remote Procedure Call: A system used on random communication ports to let systems talk to each other. |
RRAS | Routing and Remote Access: Is a Windows server role, that provides the following, Remote access, Dial up, VPN, NAT, Routing, and Demand Dial services. |
RSA | Rivest, Shamir and Adleman: An algorithm for public key cryptography. |
RSAT | Remote Server Administration Tools: Suite of Microsoft MMC consoles for managing servers and domains. |
RSOP | Resultant Set Of Policy: rsop.msc is a trouble shooting tool on Windows machines to help resolve group policy problems. |
RSS | Really Simple Syndication: A web based news feed system. |
RTFM | Read the F***ing Manual! |
RTFQ | Read the F***ing Question! |
RTM | Released To Manufacturing |
SA | Security Association: a secured peer in a site to site VPN |
SaaS | Software as a service is a solution for delivering applications (usually) over the Internet as a service. This saves you from installing and maintaining software, freeing yourself from complex software and hardware management. |
SAL | Subscriber Access License: Like a CAL, but typically used when you are covered by SPLA Licensing. A Subscriber Access License (SAL) is required for each unique individual user or device that is authorized to access or otherwise use the licensed products. A separate Server Licence is not needed. Examples of products licensed this way include Windows Server, SQL Server, Exchange Server and Microsoft Dynamics. |
SAML | Security Assertion Markup Language: Its primary use in online security is it enables you to access multiple web applications using a single set of login credentials. It works by passing authentication information in a particular format between two parties, usually an identity provider (IdP) and a web application. |
SAN | 1. Storage Area Network: A Network of storage/disks that is presented as central storage to many devices. 2. Subject Alternative Name: These are additional names added to a digital certificate, they are used on web server certificates, and unified communications certificates. |
SAS | 1. Serial attached SCSI: Used for connecting computer peripherals, currently runs at about 3 Gbps but can run up to 10 Gbps. 2. Cisco Software Application Support: Support contract for Cisco Software. |
SASU | Cisco Software Application Support plus Upgrades, same as Cisco SAS but with the right to upgrade to the latest version. |
SATA | Serial ATA: A Standard for connecting drives (Hard Drives and optical drives), it’s a seven pin socket that connects them to the computer’s motherboard. |
SBLMPAAMH | Sit Back, Light My Pipe, And Admire My Handiwork: Last stage of any technical project. |
SBS | Small Business Server: A Microsoft Server platform that includes Exchange (and with some flavours ISA and SQL Server) as the name suggests, for small corporate deployments with less than 75 users/devices |
SCCM | System Center Configuration Manager: Formerly (SMS) Systems Management Server, this is a tool for managing large numbers of Windows Machines. |
SCCP | Skinny Client Control Protocol: A Cisco proprietary telephony protocol. |
SCEP | Simple Certificate Enrollment Protocol: Designed to make the issuing of digital certificates as scalable as possible. |
SCOM | System Center Operation Manager: Microsoft monitoring and management solution previously called MOM uses management packs to remotely monitor and manage clients. |
SCP | Secure Copy: Is a system that relies on SSH and runs over TCP Port 22 to move files from/to a machine securely. |
SCSI | Small Computer System Interface: A set of commands for transferring data between hardware devices, traditionally 8 or 16 devices can be attached to a SCSI bus. |
SCVMM | System Center Virtual Machine Manager: A management tool for Microsoft’s Hyper-V virtualisation platform, and part of Microsoft’s System Center product suite. |
SD | 1. Secure Digital: A memory card format developed by Panasonic. Basically a small flash memory card, also comes as miniSD and microSD. In addition you can also get SDHC and SDXC. 2. Software Defined: Used with a networking type e.g. SDN Software Defined Networking, or Software Defined WAN. |
SDHC | SD High Capacity – up to 32 GB capacity. |
SDM | Security Device Manager: A web based management tool for Cisco Routers. |
SDN | Software Defined Networking |
SDWAN | Software Defined Wide Area Networking: A WAN fully controlled by a centralised software application, creating a virtual network on top of the circuits, known as an overlay. This can then decide how to route traffic based on application and performance requirements. |
SDXC | SD Extended Capacity – up to 2 TB capacity. |
SFP | Small Form Factor Pluggable: This is a transceiver, for Gigabit Ethernet or fiber connections. SFP+ connections can run at 10Gb. |
SFTP | Secure File Transfer Protocol: Essentially FTP secured by SSH. |
SFR | 1. Signature Fidelity Rating: Used in IDS/IPS to define the degree of attack certainty. 2. Software FirepoweR Module: Used in Cisco ASA5506-X and ASA5508-X Next Generation firewalls for firePOWER services. |
SHA | Secure Hashing algorithm: SHA/SHA1 Produces a fixed 160 bit hash commonly used to check integrity of files. Now superseded by SHA254. |
SID | Security Identifier: A string of letters and numbers assigned to a windows client as it joins a domain. With older machines there was much panic about needing to strip the SID from cloned or imaged machines. These days it’s less of a problem. |
SIM | System Image Manager: Is both part of the ADK and the WAIK and used to produce unattended XML answer files for Windows deployment |
SIP | Session Initiation Protocol: Used for video, voice, and chat networking. |
SKU | Stock Keeping Unit: Basically a part number, this terminology is used a lot to describe Cisco part numbers, but the term SKU is more of a logistics term. |
SLA | An (SLA) Service Level Agreement defines the level of service you expect from a vendor, laying out the metrics by which service is measured, as well as remedies or penalties should agreed-on service levels not be achieved. It is a critical component of any technology vendor contract. The Internet Protocol Service Level Agreement (IP SLA) Object tracking for static routes provides a mechanism to track the connectivity to the destination network via the next hop specified in the static route. |
SMB | 1. Small to Medium sized Business: Also a Cisco Partner Level. 2. Server Message Block: An old Microsoft file sharing protocol, now renamed CIFS. |
SMS | Systems Management Server: this is a tool for managing large numbers of Windows Machines, it’s now been replaced with SCCM. |
SMTP | Simple Mail Transfer Protocol: Common protocol used for email runs on TCP port 25 |
SNMP | Simple Network Management Protocol: A widely used network monitoring and control protocol. Uses UDP ports 162 and 161. |
SOHO | Small Office / Home Office |
SPAN | Switch Port ANaliser: A process used on Cisco switches, to copy all the traffic traversing the switch and copying it out of a monitoring port. |
SPAP | Shiva Password Authentication Protocol: A simple password encryption protocol, used with Windows Server 2003 onwards. |
SPF | Sender Policy Framework: |
SPN | Service Principal Name: The name Windows associates itself with when advertising a service. |
SPx | Service Pack x: Usually written as SP1 for Service Pack 1, SP2 for Service Pack 2 etc. |
SPI | Security Parameter Index: Label used by IPsec for the end of a VPN tunnel. In phase 2 of IKE, 2 unidirectional tunnels are created; each will have its own SPI number. |
SPLA | Service Provider Licence Agreement: This is where a vendor looks after your Microsoft licensing, for equipment that they host for you. You pay them a fee for your Microsoft Hosted systems, and they become legally responsible for them. Per Subscriber: A Subscriber Access License (SAL) is required for each unique individual user or device that is authorized to access or otherwise use the licensed products. A separate Server Licence is not needed. Examples of products licensed this way include Windows Server, SQL Server, Exchange Server and Microsoft Dynamics. Per Processor: Each Processor License allows an unlimited number of users to access the software that is installed on that processor. Examples include Windows Server, SQL Server and BizTalk Server. Windows Server OS: Is typically licenced ‘per processor’. Either on a physical/virtual machine (for Standard). Or if you have a virtual Environment then you can licence per ‘Socket’ in the Hypervisors (for DataCenter); once you get over a few machines it makes sense to use Data Center licenses. |
SQL | Structured Query Language: Typically a Database system/server, most well known is Microsoft SQL server, or the free MySQL alternative. |
SRV | Service Locator: A type of DNS record that lets clients on a network, know where services are, and how to access them. |
SRX | Range of Juniper firewalls, bizarrely stands for Security Routing and Switching. |
SSD | Solid State Disk: A disk without moving parts, usually using non volatile (keeps what’s stored on it when the power is removed) flash storage. |
SSH | Secure Sockets Handshake: A secure method of console access, think of it as secure telnet. |
SSID | Service Set Identifier: The name of a Wi-Fi network. Can be set to either broadcast (visible), or be hidden. But it is still visible in the wireless packets that can be ‘sniffed’ so even a half determined attacker will be able to get it. |
SSL | Secure Socket Layer: A cryptographic system that uses public and private keys to transmit data over a network securely. |
SSO | Single Sign On: Single sign-on is an authentication scheme that allows a user to log in with a single ID and password to any of several related, yet independent, software systems. |
SSP | Security Services Processor: A Hardware card or device that plugs into a Cisco Firewall, like a CSC or a CX module. |
SSTP | Secure Socket Tunneling Protocol: This essentially allows the use of L2TP and PPP protocols, but does it over TCP port 443 (usually for https). This means it is usually an open port at remote/home locations. |
Suite B | Defined in RFC 4869, a set of standards for encryption; Encryption AES (128 or 256 bit). |
SLA | Service Level Agreement: An agreement between an IT support organisation and a user of its/their services. OR a command used in Cisco IOS to set up a monitor. |
STP | Spanning Tree Protocol: A system used on network switches to avoid “loops” |
SVI | Switched Virtual Interface: An interface that presents an IP address to a group of ports that share the same VLAN. |
TAC | Technical Assistance Center: Cisco’s third line support, be sure to have a valid support agreement before you ring. |
TACACS+ | Terminal Access Controller Access Control System Plus: A method of authenticating users to a device, one of the supported AAA options for Cisco devices. |
TAR | Tape Archive: A file extension for compressed files common formats are .tgz .gzip, or .bzip2 |
TB | Terabyte: Tera means 10 to the power 12, or 1,000,000,000,000 bytes, however in computing terms we work in binary so it worked out as 2 to the power 40, which equals 1,099,511,627,776 bytes. |
TC & TCF | Transparency Consent Framework: A mechanism for gaining consent before showing website adverts, or attempting to embed tracking cookies. |
TCP | Transmission Control Protocol: Connection-oriented protocol for data transfer, uses a “3 way handshake” to make sure the traffic gets where it’s supposed to go. |
TELNET | Terminal NETwork: A TCP protocol that allows remote users to enter commands on a device; it runs over TCP port 23. |
TFTP | Trivial File Transfer Protocol: A little like FTP, but uses UDP Port 69, commonly used for updating firmware on network devices. |
TKIP | Temporal Key Integrity Protocol: Used on Wi-Fi networks, usually with WPA to improve the security of the earlier WEP protocol. |
TLS | Transport Layer Security: Similar to SSL, provides encrypted data transfer. |
TPM | Trusted Platform Module: A tamper-resistant silicon chip, generally on a computer’s motherboard, designed to generate, store, and protect encryption keys. |
TrustSec | A Cisco network segmentation technology, it’s used to protect assets, such as data, applications, and mobile devices from unauthorized access. |
TS | Terminal Services: Microsoft’s “Thin Client” solution for sharing applications. Now called Remote Desktop Services on Server 2008. |
TTL | Time To Live: A time limit (usually in seconds) used to define how long a DNS record should be ‘alive’ for. Also used in networking to define how long a packet can remain ‘alive’. |
UAC | User Account Control: Introduced with Windows Vista, a system designed to stop you running normally with an administrative account |
UCS | Universal Character Set: A method of encoding characters so they can be sent digitally. |
UDP | User Datagram Protocol: This is a transport protocol which operates at the same layer as TCP, but unlike TCP it is not connection based. It’s a “Fire and forget” protocol: if it does not get to the other end, it’s not important. |
UEFI | UEFI (Unified Extensible Firmware Interface) is a modern firmware interface designed to replace the legacy BIOS (Basic Input/Output System) found in PCs. It provides a more robust and flexible environment for the initialization and management of system hardware and booting of the operating system. |
UI | User Interface: Usually a GUI that, with every iteration, someone will change, rename or move things around, rendering your notes, blog posts, and even the vendor’s own documentation out of date. (Cheers Guys!) |
UNC | Universal Naming Convention: Used to map network drives and resources e.g. \\server_name\share_name\file_name |
UPN | User Principal Name: Microsoft call this an ‘internet style name’. It is a user and a domain separated by an @ symbol. |
UPS | Uninterruptible Power Supply: A device that provides battery backup power when the electrical power fails or drops to an unacceptable level. |
URI | Uniform Resource Indicator: Used a lot in vSphere to identify ports and services |
URL | Uniform Resource Locator: A Web address like www.petenetlive.com |
USB | Universal Serial Bus: A method of connecting computer peripherals (up to a maximum of 127 devices). USB 1.0 is 1.5Mbps, USB 1.1 is 12Mbps, USB 2 is 480 Mbps and USB 3.0 is 4800 Mbps. |
UTC | Universal Time Coordinated (commonly Coordinated Universal Time): The time taken from Greenwich; this can also be called “Zulu Time”. |
UTF-8 | UCS Transformational Format (8-bit): A system for encoding characters so they can be sent digitally. |
vASA | Virtual ASA: A virtual appliance that performs the same functions as a Cisco ASA firewall. |
VAMT | Volume Activation Management Tool: A Microsoft tool for managing MAK software license keys. This can also change KMS keys to MAK keys. |
VAPI | VMware API |
VB | Visual Basic: A Microsoft programming language. Also used with VBScripting, which uses files with a .vbs extension to run scripts |
VE | 1. Virtual Edition: The virtual appliance version of a device that’s usually hardware, e.g. an F5 BIG-IP appliance. 2. Virtual Environment: As in Proxmox VE. Proxmox Virtual Environment (Proxmox VE) is a robust open-source server virtualization platform that merges two cutting-edge virtualization technologies: Linux Containers (LXC) and Kernel-based Virtual Machine (KVM). |
VC | Virtual Center: A Server that manages your VMware ESX hosts |
VCF | VMware Cloud Foundation (VCF) is an integrated software-defined data center (SDDC) platform that provides a complete set of software-defined services for compute, storage, networking, and cloud management. It is designed to simplify the deployment, management, and scaling of private and hybrid cloud environments. |
VCP | VMware Certified Professional. It’s a certification offered by VMware that validates an individual’s ability to deploy, manage, and troubleshoot VMware vSphere environments. |
VCPP | VMware Cloud Provider Program. It is a program designed by VMware for service providers, enabling them to offer cloud services and solutions built on VMware technologies. (being retired March 2024) |
VCSA | vCenter Server Appliance: A Linux appliance for managing VMware clusters. |
VI3 | VMware Virtual Infrastructure version 3 |
VI | Virtual Infrastructure. VI: Also a text file editor in Unix/Linux. |
VIB | VMware installation bundle: software and driver packages needed for installing ESX5 |
VIM | Virtual Infrastructure Manager: or VMware vCenter |
VIP | Virtual IP address: An IP address that’s used either when HA/failover is deployed, to give a single contactable IP for several network ‘nodes’, or an IP address presented (usually via Proxy ARP) in front of a load balancer or ADC. |
VLAN | Virtual LAN: A group of network devices that appear to be on a separate network segment, also called a broadcast domain. |
VLK | Volume License Key: Windows XP/Windows Server 2003 (And earlier) used these keys for multiple activations, they have been replaced with MAK and KMS Keys |
VLSC | The Microsoft Volume License Service Center, formerly called eOpen. |
VLSM | Variable Length Subnet Mask(ing): The process of taking a ‘classful’ subnet mask, and then ‘borrowing’ further bits from the host portion to make more subnets. |
VM | Virtual Machine: A group of files that when read by some software like VMware, VirtualPC, Hyper-V, or XenServer looks and behaves like a real physical machine. |
VMDK | Virtual Machine Disk: VMware format for storing hard drives for virtual machines. |
VMFS | VMware file system: Used so that multiple hosts can access the same storage at the same time. It uses a system of “Locks” on each file so only one host accesses the data at any one time. |
vMotion | A VMware system for moving a running virtual machine from one ESX host to another ESX host. You can also use “Storage vMotion” to move a running virtual machine’s files and hard disks to another piece of storage. |
VNC | Virtual Network Computing: A remote desktop solution that works across Windows/Linux/macOS etc. |
vNIC | Virtual NIC |
VPG | Virtual Protection Group: Zerto Virtual Protected Group, is a group of servers protected by Zerto through replication. |
VPN | Virtual Private Network: A secure link that carries sensitive data over a public network, the data is protected by encryption. |
VPS | Virtual Private Server: A VM that is provided for you for a monthly or yearly fee. |
VRA | Virtual Replication Appliance: A virtual appliance installed on each hypervisor hosting virtual machines to be protected or recovered, that manages the replication of data between the protected and recovery sites. |
VRF | Virtual Routing and Forwarding: A technology that allows routers/switches to host multiple routing tables at the same time. |
VTPM | A virtualized version of a TPM that provides the same functionality as a physical TPM but is implemented in software within a virtualized environment. It allows virtual machines (VMs) to use TPM features without requiring a physical TPM chip in the underlying hardware. |
vSAN | Virtual Storage Area Network. It is a software-defined storage solution developed by VMware. vSAN aggregates locally attached storage devices of multiple hosts into a single, shared data store. |
vSphere | VMware’s cloud operating system, formerly called VI3. |
VSC | Virtual Service Community: Used on HP wireless networks this is a collection of network settings. |
VSS | Windows Volume Shadow Services: System used by Microsoft for backing up data. |
VT-x | Intel’s processor Virtualization technology, originally code-named “Vanderpool”. It needs to be enabled on some machines in their BIOS/RBSU/CMOS. |
WAIK | Windows Automated Installation Kit: A suite of tools from Microsoft for imaging and deploying Windows systems. With Windows 8 this has now been replaced with the ADK |
WAN | Wide Area Network: A network that connects geographically distributed LANs. Also the external port on a router or firewall. |
WAP | Wireless Access Point: A device for connecting wireless network hosts to a wired network, or for ‘bridging’ them onto another network. |
WCF | Windows Communication Framework: This is a Windows Server 2008 feature that runs under .net |
WDS | Windows Deployment Services: A system for deploying (imaging) PCs and servers from a central Windows Server (replacement for RIS). |
WEP | Wired Equivalent Privacy: A security protocol used by Wi-Fi networks. It’s not considered as secure as WPA, because of an inherent fault in the way it uses RC4 to generate keys. It’s easily defeated and should NOT be used to protect sensitive data. |
WID | Windows Internal Database: Sometimes referred to as ‘SQL embedded’, it’s the database engine built into Windows Operating systems. |
Wi-Fi | Wireless Fidelity: A term used to describe various networked devices on a WLAN connected wirelessly. |
WindowsPE | Windows Pre-Execution Environment: A cut down version of Windows that can be run from USB drive, CD, or deployed from WDS. |
WINS | Windows Internet Naming Service: A legacy Microsoft method of resolving computer NETBIOS names on a network. |
WLAN | Wireless Local Area Network (See LAN) |
WMI | Windows Management Instrumentation: A system that programmers can use to talk to and get information from Windows systems, and also to remotely manage those systems. |
WPA | Wi-Fi Protected Access: A security protocol used to secure wireless networks. It’s considered more secure than its predecessor WEP, because WPA uses TKIP integrity to change the secure key used. It can also use EAP. |
WSUS | Windows Server Update Services: Free update and patch management system for Windows servers and applications. |
WWW | World Wide Web: A collection of text and graphics displayed in a web browser, what most people would call the Internet. |
x509 | A Standard for PKI and digital certificates. |
XBMC | XBOX Media Center: Software originally developed for the XBox, but now available for install to Windows and Linux as a Media Center Suite. Also available as XBMCbuntu (a complete XBMC install built on a cut down version of Ubuntu Linux). |
XML | eXtensible Markup Language: A structured way of presenting information, that uses tags much like HTML. |
YAML | YAML Ain’t Markup Language: A human-readable data serialisation format commonly used for configuration files and data exchange between languages with different data structures. Despite its name, YAML is not a markup language like HTML or XML. Instead, it focuses on being easy to read and write by humans while also being machine-readable. |
ZAK | Zero Administration Kit: Introduced with Windows NT4. |
ZVM | Zerto Virtual Manager: An application that manages replication at the site level. The ZVM monitors either the vCenter Server or System Centre Virtual Machine Manager to get the inventory of VMs, disks, networks, hosts, etc. |
ZIP | A term used to describe the process of compressing many files/folders and putting them in a compressed “Archive” folder. “.zip” is a file extension for an archive, though there are more archive types; .RAR, .CAB, and .TAR are common examples. |