Technical Terminology

Technical Terminology and Disambiguation

The following table, serves as a reference for the various abbreviations, and technical terminology used throughout the site.

 2FA Two Factor Authentication: Something you know e.g a password, AND something you have, like a phone with a 2FA application, or an RSA Key fob.
 3-2-1 3-2-1: Industry rule applicable to backups which states, you should have 3 COPIES , of your data, 2 COPIES on different storage media, and 1 COPY held off-site.
3DES Triple Data Encryption Standard: A method of encryption (168 bit).
802.1x An IEEE standard: Used for port based NAC (PNAC), typically uses one or more EAP, Certificates, or MSCHAPv2.
AAA Authentication, Authorisation, and Accounting: Security system Authentication proves who you are, Authorisation says what you can do, and Accounting logs what you have done.
AAC Advanced Audio Codec: A file format for storing music in ‘lossless’ quality. Used heavily by Apple.
AAD Azure Active Directory (Now called Entra ID).

1. Access Control Entry: One element of an ACL

2. RSA ACE Server is the old name for RSA Authentication Manager.

ACL Access Control List:Rules applied on a network device that allow communication over numbered ports to and from certain IP addresses.
ACS Access Control System (used be called Access Control Server), is the Cisco implementation of the TACACS+ AAA system.
AD Active Directory: Introduces with Windows Server 2000, this is Microsoft’s domain directory services role.
ADAM Active Directory Application Mode: This was replaced in Server 2008 with LDS
ADC Application Delivery Controller:Examples, Citrix NetScaler, or F5 BigIP device that acts like a load balancer for applications and services.
 ADFS Active Directory Federation Services: Active Directory Federation Services, a software component developed by Microsoft, can run on Windows Server operating systems to provide users with single sign-on access to systems and applications.
ADK Windows Assessment and Deployment Kit: A suite of tools for customizing and deploying Windows operating systems, has replaced the WAIK.
ADML A file extension used for language files that are associated with an ADMX file.
ADMX A file extension used for files that can be imported into Microsoft Group Policy Objects.
ADSL Asymmetric Digital Subscriber Line: An Internet connection ran over copper wire (usually a telephone line). It tends to have faster download than upload speed.
AES Advanced Encryption Standard 128,192, or 256bit.
AH Authentication Header: A member of the IPSec suite of protocols provides integrity and authentication of data packets.
AMD Advanced Micro Devices: A company that makes microprocessors and CPU’s. Main rival to Intel.
 AMP Advanced Malware Protection: Anti Malware solution provided by Cisco Firepower.
API Application Programming Interface: Allows software to talk to other software.
ARM Advanced RISC Machine: A ‘cut down’ processor used in mobile computing products
ARP Address Resolution Protocol: A network protocol used to translate physical addresses to IP addresses, and vice versa using RARP (Reverse ARP).
AS Autonomous System: An AS number is used with routing protocols (like EIGRP and OSPF), all routers that share information with each other in a group are members of the same AS number, (an AS number can be 1-65535).
ASA Adaptive Security Appliance: Range of Cisco firewalls.
ASCII American Standard Code For Information Interchange: (Pronounced ass-key). A method of transferring strings of characters digitally
ASDM Adaptive Security Device Manager: Web management console for Cisco firewalls running OS 7 and above.
ASR Aggregation Services Router: Cisco Routers used by enterprise size networks, and service providers.
ATA Advanced Technology Attachment: Used to connect drives to a computer.
ATM Asynchronous Transfer Mode: Used to move computer data, video, or audio over a network. It embeds the data in ‘cells’ which all travel along a fixed path to their destination. This differs from TCP/IP ‘packets’ which can travel over many different routed to their destination.
AV Anti Virus.
 AVC Application Visibility and Control: Cisco solution to restrict and block traffic based on applications (OSI Layer 7)
AVI Audio Video Interleave: A File format used for video files.
BBWC Battery Backed Write Cache: A small power source that lived on a hardware RAID controller, the battery supplies power to the cache so in the event of power loss, information that is about to written to disk is not lost.
BIND Berkeley Internet Name Daemon: DNS software commonly used in Unix and Linux distributions.
BIOS Basic Input Output system: This is bootable firmware that live on most modern PC’s and Servers you access this before the OS loads usually by pressing F1, F2, F10, or Esc.
BIT Binary Digit: Either a one or a zero, the smallest unit of digital storage and bandwidth.
BITS Background Intelligent Transfer Service: A system that uses idle bandwidth to download data (usually updates).
BSOD Blue Screen Of Death: Seen on a Windows Machine after a crash, if it has not been set to reboot in the event of a crash, it takes it name from the blue background and white text. (Also see PSOD).
BSSID Basic Service Set Identifier: A unique name that specifies a wireless access point or router. Used in an Infrastructure wireless network *See SSID and ESSID)
BT British Telecom, the largest ISP in the UK,
 BT Syndrome You have an Internet problem, so you ring BT, they tell you they can’t see anything wrong, and magically it starts working while you are on the phone.
BYOD Bring Your Own Device: A name given to the practice of allowing employees and visitors access to a corporate network from their own personal devices i.e tablets, phones, and laptops.
CA Certification Authority: An entity that produces digital certificates.
 CAB Change Advisory Board: Part of change procedure, it’s used to approve change requests, and discuss what to do if changes fail, or need to be rolled back, and what the impact of those changes may be.’
CAL Client Access License: A License used to access server services, used a lot on Microsoft Networks where licenses are “per seat”, “per user”, or “per device”.
CAS Client Access Server: A role used by Microsoft Exchange server. A CAS server typically runs OWA and ActiveSync
CBAC Context-Based Access Control: Introduced on Cisco Router and referred to as Classic IOS Firewall. It provides layer 4 and layer 7 stateful inspection.
CCNA Certified Cisco Network Associate: Entry level Cisco networking qualification.
CCMP Counter Mode/CBC-MAC Protocol: Security system that uses a 128 bit key for encryption. Seen on HP Wireless controllers.
CCO Cisco Connection Online: You can create a login free at Cisco to log into this service, once set up you can add valid support agreements to you account to enable you to get support and download updates.
CCP Cisco Configuration Professional: A Java based graphical management software tool for deploying and configuring Cisco Routers, and wireless access points etc.
 CCPA California Consumer Privacy Act: A state statute intended to enhance privacy rights and consumer protection for residents of California, United States.
CCR Cluster Continuous Replication: Introduced in Exchange 2007, this provides a second copy of the exchange database that can be used in a disaster recovery situation.
CD Compact Disk
CDA Cisco Context Directory Agent: A small virtual machine that maintains mappings of users to devices, it gets this information form Active Directory or from Cisco ISE.

Cisco Discovery Protocol: Used to determine what network devices are on the other end of a network link (Cisco’s implementation of LLDP)

Certificate Distribution Point: Usually a file share, or a virtual directory in IIS that is used to hold a CRL.

CGI Common Gateway Interface: A method use to both generate dynamic web content, and pass information between a web server and a browser or application a visitor is using.
CHAP Challenge Handshake Authentication Protocol: Used to authenticate a remote user or hot.
CIFS Common Internet File system: A Microsoft system for sharing files on a network that was developed from SMB.
CLI Command Line Interface: The command interface for various network devices, usually accessed by a console cable SSH or Telnet.
CMC Certificate Management over CMS: Is the transport protocol for CMS.
CMOS Complementary Metal Oxide Semiconductor: this is actually a technology used in integrated circuits, but some people still refer to a machines BIOS/RBSU as CMOS
 CMP Content Management Platform: A solution that allows you to provide web visitors with an option to save their advert and cooke preferences.
CMS Cryptographic Message Syntax: A standard for signing, encryption or authenticating data.

1. Common Name: {digital certificates} When a digital certificate is signed by a CA, this proves the common name (the name presented on the certificate) is correct.

2. Common Name: {Active Directory AD} The name of an object in active directory i.e. “CN=Fred Bloggs”.

CNAME Canonical Name: A Type of DNS record that points to another record, it is also sometimes referred to as an ‘alias’ record.
CODEC COder-DECoder (or Compressor-DECompressor). A small piece of software that lets a computer “Understand” a particular video/audio encoding.
COM Communication Port: A serial comminucation port on a device, usually a 9 pin (or 25 pin on old equipment) socket. Or on networking equipment presented as a female RJ45 or femail Mini USB socket.
cPanel cPanel is a suite of tools that a company hosting your website can provide you access to, to manage your own website. It is used on Apache web servers
 CPE Customer Premise Equipment: Usually used with MPLS to describe the network device that is on customer premises.
CPU Central Processing Unit: The “Brain” and main chip that provides a machines number crunching capability.
CRL Certificate Revocation List: Is a list published by a CA for certificates that have been canceled or revoked. It uses OCSP.
CRM Customer Relationship Management: A system used primarily by sales marketing, and customer services. It’s usually a database of customers and potential customers.
CSC Content and Security Control: A Plug in module for ASA 5510 and above platforms that provides scanning and anti spam facilities from an embedded Trend Micro Server.
CSE Client Side Extensions: A set of extra GPP settings built into Windows 7, (need to be manually installed on older versions of Windows).

Certificate Signing Request: A request sent to a CA to apply for a digital certificate.

Carrier Routing System: Cisco enterprise and ISP level routing system.

CSV Comma Separated Values: A common file format that can be opened by Microsoft Excel. Also used for importing and exporting bulk data.
CSVDE Comma Separated Value Data Export: A method of bulk importing or exporting data from a CSV file to perform a task – commonly used for bulk import/export of users or computers with AD
Common Vulnerabilities and Exposures:  Provides a reference-method for publicly known information-security vulnerabilities and exposures.
 CVSS Common Vulnerability Scoring System (CVSS) is a standard for assessing the severity of computer system security vulnerabilities. CVSS assigns severity scores to vulnerabilities, allowing responders to prioritise responses and resources according to threat. Scores range from 0 to 10, with 10 being the most severe.
CX Context:Terminology used by Cisco in their ‘Next Generation’ firewalls. A context is based on who the identity of a user is, what they are trying to access, when they are trying to access it, and how they are accessing it.

Database Availability Group: A system used by Microsoft Exchange to maintain database availability by keeping copies of the mail database(s) on different mail servers.

Duo Authentication Gateway:  A stand lone authentication solution that provides  MFA for applications like office 365 and Salesforce.

DB Database
DC Domain Controller: The logon server that’s present in Microsoft Server domains.
Data Center
DDOS Distributed Denial Of Service Attack: A DOS attack form multiple machines, usually innocent user computers that have been compromised with spyware.
DER Distinguished Encoding Rules: A set of rules to govern the format and layout of information within a digital certificate.
DES Data Encryption Standard: A method of encryption (56 bit) is considered very weak for modern communication – in 1999 it was broken in 22 hours and 15 minutes by the EFF
DH Diffie Hellman: A system used to swap keys securely over a public network.
DHCP Dynamic Host Configuration Protocol: A method used to lease an IP address to a device so it can communicate on a network.
DMVPN Dynamic Multipoint Virtual Private Network: A solution to build dynamic GRE tunnels to multiple sites with NHRP.
DMZ De-Militarised Zone: A network segment attached usually to a less secure network, traditionally the home of web servers and edge servers.
 DNA Cisco Digital Network Architecture: (Cisco DNA) is Cisco’s architecture for enterprise networks. As Cisco push towards Software Defined Networking, this plan is to have a singular GUI management, automation and security built in. That’s the drive behind Cisco DNA.
DN Distinguished Name: The complete path to an object in Active Directory
DNS Domain Name system: The system that translates network names into IP addresses.
DNSBL DNS based Block List (or Black-hole List depending on what documentation you read) Is dynamic list of known email spammers.

Disk Operating System: Very basic operating system, an example is Microsoft MSDOS

Denial of Service: An attack on a networked system designed to slow it down, impede it, or take it Offline.

DRAC Dell Remote Access Card: Similar to an iLO on a HP server or an IMM on a Lenovo server. Allows remote ‘console’ access to the server.
DS Directory Services: Using a central repository of network assets for management
DSL Digital Subscriber Line: A network connection, usually to the Internet, the speed of traffic “down” is usually fast, and the speed of traffic “up” is slow, this makes it ideal for home Internet connections.
DSN Data Source Name: Usually used with ODBC connections these refer to a data source (usually a database)
 DSRM Directory Services Restore Mode: A special mode a domain controller can be booted into, so that active directory can be restored, and the restoration be replicated to other domain controllers safely.
DTP Dynamic Trunking Protocol: A Cisco proprietary protocol for negotiating trunking on a link between two VLAN aware switches.
DVD Digital Versatile Disk or Digital Video Disk
DVDROM Digital Versatile Disk or Digital Video Disk Read Only Memory
DVI Digital Visual Interface: Connector used for PC Monitors typically white, replaced the older RGB connector
 DWDM Dense Wavelength Division Multiplexing: Multiplexing means sending more than one signal over a given medium (connection). DWDM achieves this using optical technology to enable multiple information streams to use one single optical link.
EAP Extensible Authentication Protocol: Used with both wireless protocols like WPA, it’s part of the PPP suite of protocols
ECC Error-Correcting Code Memory: Typically more expensive than normal RAM, it uses a parity system to error check corruption in the data it holds.
ECDH Elliptical Curve Diffie Hellman: An anonymous key agreement protocol used in cryptography.
ECDSA Elliptical Curve Digital Signature Algorithm.
ECP Exchange Control Panel: Web based administrative console for Exchange, it was brought in with Exchange 2010. With Exchange 2013 the Exchange Administrative Center runs form the same location.
EDNS Extension mechanisms for DNS: Essentially DNS but in network packets greater than 512KB
EFF Electronic Frontier Foundation: Non profit US organisation.
EIGRP Enhanced Interior Gateway Routing Protocol: Cisco proprietary distance vector routing protocol. Routers share their routing information with neighbouring routers in a logical area called an autonomous system.
EMC Exchange Management Console: The Graphical user management console for Microsoft Exchange.
ePO e Policy Orchestrator: McAfee’s product for managing deployment and updates to its anti virus products.
EPT Extended Page Tables: A technology used by Intel VT-x for CPU virtualization.
ESMTP Extended Simple Mail Transfer Protocol (SMTP) As users wanted to send extra data attached to their emails, this system was developed to let that happen. It lets a client and mail server negotiate what capabilities it can use.
ESP Encapsulation Security Payload: A member of the IPsec suite of protocols provides authenticity integrity and confidentiality of data packets.
ESSID Extended Service Set Identifier is an SSID used in ad-hoc networks

Originally Stood for Elastic Sky, ESX is VMware’s hypervisor virtualisation server platform developed from GSX

the i in ESXi is is for “Integrated” and can be ran from a flash drive or chip on a PC/Server.

EULA End User License Agreement: the legal contract between the user and the person/company who has produced some software. Typically the EULA is the section in an install where you tick “I Agree..”.
 EVE-NG Emulated Virtual Environment (Next Generation): A brilliant piece of software for labbing virtual network devices, for testing, proof of concept, or just education.
 F5 F5 Inc: Formally F5 networks, is a company that make Application Delivery Controllers. Which everyone, (much to the annoyance of F5) refer to as load balancers.
FAT File Allocation Table: A disk partitioning system typically used with older Microsoft Operating Systems. Is still used or partitioning of USB and flash media.
 FDM Firepower Device Manager: Web based management GUI for managing an FTD device locally.
FEP Forefront Endpoint Protection: Microsoft’s Client AV solution released 2010
FIPS Federal Information Processing Standards: A set of standards to describe document processing, encryption algorithms and information technology standards for use within non-military government agencies.
 FMC Firepower Management Center: An appliance used to manage and deploy configurations to Cisco ASA FirePOWER, and FTD Devices.
 FPR Firepower: Used to denote Cisco Firepower range of appliances.
FQDN Fully Qualified Domain Name, usually a PC or server-name followed by the domain DNS name i.e.
FSMO Flexible Single Master Operation: pronounced “Fiz-mo” These are 5 roles held by Active Directory domain controllers.
FSRM File System Resource Manager: Introduced with Server 2008 R2, this server role handles file quotas and screening rules.
 FSSO Fortinet Single Sign-On (FSSO), formerly known as FortiGate Server Authentication Extension (FSAE), is the authentication protocol by which users can transparently authenticate to FortiGate, FortiAuthenticator, and FortiCache devices.
 FTD Firepower Threat Defence: The operating system that runs on newer Cisco firewalls, it provides AMP, AVC, NGFW, IDS/IPS URL filtering and stateful firewall capabilities.
FTP File Transfer Protocol: As the name suggests, a protocol for transferring files over a network uses TCP Port 21.
FTTC Fibre to the Cabinet: An Internet connection that provides a fibre optic cable from either a telephone exchange (Or Comms distribution point), to the cabinets that are in the street. From the cabinet to the home/business will usually be standard copper (POTS) cable.
FTTH Fibre to the Home: An Internet connection that provides a fibre optic cable from either a telephone exchange (Or Comms distribution point), directly to a consumers home or place of business.
GAL Global Address List: Used on a Microsoft Exchange server a list of email addresses generated by the server that clients can search.
GB Gig a Byte: Giga means 10 to the power 9, or 1,000,000,000 bytes, however in computing terms we work in binary so it worked out as 2 to the power 30, which equals 1,073,741,824 bytes.
Gbps Giga bits per second 9 a bit is one binary digit (0 or 1) there are 8 bits in one Byte.
 GCM Galois/Counter Mode (GCM): An encryption method thats usually used with AES and is very fast. It provides authenticity and confidentiality so it’s NOT used with a hashing algorithm.
GDOI Group Domain Of Interpretation: A group of network devices that maintain a common set of VPN/ISAKMP settings from a central ‘key server’.
 GDPR The General Data Protection Regulation: A regulation in EU law on data protection and privacy in the European Union and the European Economic Area.
 GIMP GNU (A Unix style free OS and software distribution) Image Manipulation Program. Free image processing program that I use instead of Photoshop.
 GMAC Galois Message Authentication Code (GMAC) is an authentication-only variant of the GCM protocol
GNS3 Graphical Network Simulator: Is open source network simulation software, for replicating routers and network equipment.
GOLR Gateway Of Last Resort: On a router this is the equivalent of a default gateway. If no other routes in a routers routing table match the traffic, this is where it will get sent.
GPO Group Policy Object: This is a template used to lock down or enforce a policy on a computer or a user.
GPP Group Policy Preference: Brought in with Windows Server 2008 designed to compliment GPO network management.
GRE Generic Routing Encapsulation: A Cisco protocol for encapsulating other protocols over a network.
GRT Granular Recovery Technology: A term used by Symantec to describe their backup technology, that lets you restore a single item from a large backup job, e.g. one email from and Exchange backup, or one user from Active Directory.
GSX From its development name GSX is VMware’s Ground Storm Virtualisation platform, was replaced by ESX
GUI Graphical User Interface.
GUID Global Unique Identifier: Used to identify active directory objects, and also a hard coded serial number built into computers so they can be identified on a network when they pXe boot.
 GVE Global Virtual Engineering: A division of Cisco that helps Cisco Partners with technical questions.
HA High Availability: An attribute given to a VMware cluster so that if any ESX host fails, it’s guest machines automatically get migrated to another host. Also the term used to describe multiple exchange databases deployed for fail-over.
 HBA Hardware Bus Adaptor: An HBA is a circuit board or expansion card that physically connects a host system, such as a server, to internal and/or external storage, such as hard disk drives (HDDs), Solid State drives (SSDs), and external storage enclosures.
 HCL Hardware Compatibility List: A List of hardware that is certified for use with certain versions of software. For example VMware produce an HCL for all Vendors hardware that has been tested with each version of its software.
HDD Hard Disk Drive.
HDMI High Definition Multimedia Interface: Method for sending digital video and sound signals, used for TV’s, Monitors, and digital cameras.
HIPS Host Intrusion Detection System: A software package which monitors a single host for suspicious activity, by analysing events occurring within that host.
HSRP Hot Standby Routing Protocol: A Cisco protocol that provides a fault tolerant default gateway solution.
HTML Hyper Text Markup Language: Is a language used to create documents on the world wide web.
HTPC Home Theatre Personal Computer.
HTTP Hyper Text Transfer Protocol: Traditionally the protocol of web pages, runs over TCP port 80, however multiple vendors abuse this by trying to get their software to run on the same port as this port is usually open on corporate firewalls.
HTTPS Hyper Text Transfer Protocol Secure: This is web traffic that is secured, using SSL

The Interactive Advertising Bureau is an advertising business organization that develops industry standards, conducts research, and provides legal support for the online advertising industry.

IAS Internet Authentication Server: Microsoft Implementation of RADIUS
ICMP Internet Control Message Protocol: Part of the IP suite of protocols, ICMP is used to send errors and connection states.
IDS Intrusion Detection System
IE Internet Explorer: Microsoft’s OLD web browser.
IEEE Institute of Electrical and Electronics Engineers (or IEEE-SA Standards Association) : Set Standards for IT and Telecoms (amongst others).
IESC Internet Enhanced Security Configuration: A Tighter set of browser stings applicable to a Windows Server.
IETF Internet Engineering Task Force: Develops and promotes Internet Standards
IIS Internet Information Server: The Microsoft web server platform, included with Windows server systems.
IKE Internet Key Exchange: A protocol used to set up SA’s in the IPsec protocol
iLO Integrated Lights Out: Let you connect to the console of a HP Proliant Server, even if its powered off, the iLO is presented as a standard RJ45 network socket on the back of the server.
IMAP Instant Message Access Protocol: Method of retrieving messages from a mail server, runt over TCP port 143
 IMHO In My Humble Opinion.
IMM Integrated Management Module: Seen on IBM X Series Servers (now Lenovo). This is similar to a HP iLO or a Dell DRAC.
IOPS Input / Output Operations per second: A figure used by storage vendors to showcase how great their storage is.
IOS Internetwork Operating System: OS used by Cisco devices and Apple Devices.
IP Internet Protocol: A protocol for communicating across a switched network (like the Internet).
IPS Intrusion Protection System
IPSEC Internet Protocol Security: A suite of protocols for securing IP communications.
IPv4 IP Version 4: IP addressing scheme which can have  2 to the power 32 (4,294,967,296) possible addresses.
IPv6 IP Version 6: Replacing IPv4, IPv6 uses 128-bit addresses, for an address space of 2 to the power 128 (approximately 340 undecillion or 3.4×10 to the power 38).
ISA Microsoft Internet Security and Acceleration Server: replaced MS Proxy 2.0, it provides web proxy services and Enterprise Firewall capabilities.
ISAKMP Internet Security Association and Key Management Protocol: A system for establishing Security Association and secure keys, usually used for VPN communication.
iSCSI Internet Small Computer System Interface: System used to carry SCSI commands over an IP network, used for small SAN infrastructures.
ISE (Pronounced ICE) Identity Services Engine: A Cisco product, it’s a security policy management & control platform that automates and simplifies access control, and security compliance for wired, wireless, and VPN connectivity. Cisco ISE is primarily used to provide secure access and guest access, support BYOD initiatives, and enforce usage policies in conjunction with Cisco TrustSec.
ISO A type of file format that’s used for storing CD/DVD Images, it takes its name from the International Organization for Standardization.
ISP Internet Service Provider: The Person or company that provides a link to an external network (usually the Internet).
ISR Integrated Services Router: A series of Cisco Routers used by small to medium sized customers.
IV Initialization Vector: Used in cryptography, its a ‘fixed size’ input.
IWSS Inter Scan Web Security Suite: A suite of products by Trend Micro, for AV and URL filtering.
JNLP Java Network Launching Protocol: Used to deliver “Java Web Start” and run an application from a web server.
 JRE Java Runtime Environment is software that Java programs require to run correctly. Java is a computer language that powers  web and mobile applications.
 JSON JavaScript Object Notation: Open standard file format, and data interchange format, that uses human-readable text to store and transmit data objects consisting of attribute–value pairs and array data types. It is a very common data format.
Kb Kilobit: 1 kilobit = 10(to the power 3)bits = 1000bits
KB Kilo means 10 to the power 3, or 1,000 bytes, however in computing terms we work in binary so it worked out as 2 to the power 10, which equals 1,024 bytes.
KMS Key Management Server/Service: With the release of Windows Vista/2008 Microsoft changed their software license method. Previous VLK keys were replaced by both MAK and KMS Keys. Software with a KMS key must get its activation from a KMS server (installed on its local network) every 180 days.

KeyBoard/Video/Monitor: Device fitted to multiple computers/servers to allow interaction from a single keyboard monitor and mouse.

Kernel-Based Virtual Machine: A Linux based virtualisation/hypervisor.

L2TP Layer Two Tunneling Protocol: Developed from PPTP used to authenticate remote VPN clients
LACP Link Aggregation Control Protocol: A protocol that allows you to bundle together more than one network link and treat it as it id is one link.
LAN Local Area Network: A computer network that connects multiple PC’s to each other and local resources. Also the inside port on a router or firewall.
LAPS Local Administrator Password Solution: Microsoft Software used to periodically change the local administrator password on machines and set them differently, as defined in Group Policy. Those passwords are then stored securely in AD.
LBFO Load Balancing and Fail Over: New with Server 2012, this provides NIC teaming/aggregation and standby NIC support.
LDAP Lightweight Directory Access Protocol: Designed for accessing and editing directories over an IP network, Microsoft LDAP commonly runs over TCP port 389
LDAPS Secure LDAP, usually over TCP port 636, and secured by a PKI certificate.
LDS Lightweight directory Services: A small subset of AD that’s used for applications, (on versions of Windows before 2008 it was called ADAM)
LLDP Link Layer Discovery Protocol: Similar to Cisco’s CDP, this is a vendor-neutral protocol designed to tell you what devices are directly connected to you at the ‘other-end’ of a network link.
LLMNR The Link-Local Multicast Name Resolution: A protocol based on the DNS packet format that allows both IPv4 and IPv6 hosts to perform name resolution for hosts on the same local link.
 LTM Local Traffic Manager: A licensed feature on an F5 ADC/Load Balancer
LTO Linear Tape Open: A standard of magnetic tape storage, developed by Quantum/Seagate. Commonly used by HP, IBM and Certance
LUN Logical Unit Number: used in SAN storage, each piece of “storage” is represented by a LUN that’s presented to other devices on the storage network/fabric.
M4A MPEG 4 Audio:Essentially an MP4 file that is audio and not multimedia. Used by Apple and iTunes.
MAB MAC Address bypass: Not all devices support 802.1x authentication, so MAB is enabled for those devices to bypass normal authentication
MAC Media Access Control: The “Burned in” hardware address used on all Ethernet network devices.
MACSEC MAC Security Standard is the common name for IEEE Standard 802.1AE. It provides ‘point to point’ encryption at layer 2 of the OSI model (Data Link layer)
MAK Multiple Activation Key: A Microsoft software unlock code, designed to be used multiple times. Took over from a VLK key, its either entered manually, from a script or unattended file, or using the VAMT tool.
MAPI Messaging Application Programming Interface: A Set of standards and instructions that allow programs to talk to Microsoft Mail applications like Exchange Server.
Mb Megabit: 1 megabit = 10(to the power 6)bits = 1000000bits = 1000 Kb
MB Megabyte: Mega means 10 to the power 6, or 1,000,000 bytes, however in computing terms we work in binary so it worked out as 2 to the power 20, which equals 1,048,576 bytes.
MD5 Message digest algorithm 5: Produces a fixed 128 bit hash commonly used to check integrity of files
 MFA Multi Factor Authentication: Multi-factor Authentication (MFA) is an authentication method that requires the user to provide two or more verification factors to gain access to a resource.
 MITM Man In The Middle: A Type of attack, where the attacker sits in ”plain sight and pretends to be something you would trust, like a wireless access point, or a website.
MKV Matroska Files: these are video files, similar to AVI files, but with extra features.
MMC Microsoft Management Console: A front end that accepts various “Snap ins” for managing items in a windows environment.
MOVE Management for Optimized Virtual Environments: McAfee AV solution for Virtual machines and VDI environments.
MP3 MPEG-1 Audio Level 3: A popular format for storing and playing digital music.
MP4 MPEG-1 Audio Level 4: A popular format for storing and playing digital video, audio, images, animations and menus.
MPEG Moving Picture Expert Group
MPF Modular Policy Framework: A system for applying policies on a Cisco Firewall they can be applied globally or per interface.m
 MPLS Multi Protocol Label Switching: Solution that routes traffic based on a ‘Label’ that gets injected into the packets.
MSA Modular Storage Array: A range of SAN devices by Hewlett Packard
MSDOS Microsoft Disk Operating System: what we had from Microsoft before Windows. Still seen on older Novell Servers.
MSCEP Microsoft version of SCEP
MSCHAP The Microsoft Implementation of CHAP
MSDE Microsoft SQL Desktop Edition: A cut down version of Microsoft SQL Server,that is free. Has now been replaced by SQL Express.
MSDN Microsoft Developer Network (here).
MSI Microsoft Installer File: A type of file extension that denotes a piece of setup software for an application, the advantage of .msi files is that they can be installed on clients via GPO
MSM Multiservice Mobility Controller: An HP Product Line of Wireless Controllers.
 MSP Managed Service Provider: Managed services is the practice of outsourcing the responsibility for maintaining, monitoring, support, response and escalation of problems on behalf of a client.
MTU Maximum Transmission Unit: The maximum size (in bytes) that a single packet can be, for transmission over a network.
MX Mail exchanger record: Is a DNS record that it used so that someone can query a domain to find the name/address of its mail server.
NAC Network Access Control: A more generic (non Microsoft) form of NAP. May or may not be used to ‘Posture Asses’ a network client based on AV status, Updates, HIPS, or Certificate information etc.
NAP Network Access Protection: A Microsoft technology for controlling network access based on policies.
NAS Network Attached Storage: Hard drive storage that’s presented to a network with its own address.
NAT Network Address Translation: Translating many IP addresses to few IP addresses.
NDES Network Device Enrollment Service: The name given to the Microsoft Server role that replaced MSCEP/SCEP. It’s a service that allows network devices to enroll for digital certificates.
NDR Non Delivery Report: Produced by a mail server, and sent to the sender, when an email cannot be delivered.
NetBIOS Network Basic Input/Output System: Is NOT a networking protocol its an API, can be likened to DNS insofar at it maps names to IP addresses.

NetBEUI stands for NetBIOS Extended User Interface, is a networking protocol developed by IBM and Microsoft in 1985 that is used for workgroup-size LANs with up to 200 stations. NetBEUI is an extension of NetBIOS

NFR Not For Resale: Software or Hardware supplied by a vendor, (usually to a reseller) to use for demonstration, test or training purposes.
NFS Network File system: Developed by Sun Microsytems this is a protocol for allowing a client to access files on a shared datastore/system, currently at version 4 and is defined in RFC 3530.
 NGFW Next Generation Firewall: A term used to describe a firewall that can perform inspection up to layer 7, and provide other services like anti-malware, URL filtering and IDS.
 NGINX Pronounced Engine-X (or En-jinks): It’s an open source (high performance) software, for web servers, reverse proxies, and load balancing.
NHRP Next Hop Resolution Protocol: A protocol which lets network endpoints know what the ‘real’ IP addresses of the ‘next hop’ to a destination is, e.g. If a router asks the NHS server ‘I need to build a tunnel to’ it will reply with ‘The public IP address of that site is’.
NHS Next Hop Server: Usually Router running NHRP, this device tells remote sites where there ‘Next Hop’ is to establish a GRE Tunnel in a DMVPN environment.
NIC Network Interface Card: The device that connects a PC/Server to a network this can be wired or wireless.
NNTP Network News Transfer Protocol: An old protocol used for posting usenet articles runs on TCP port 119
NPAPI Netscape Plugin Application Programming Interface.
 NPS Network Policy Server  is the Microsoft implementation of a Remote Authentication Dial-in User Service (RADIUS).
 NSE The Fortinet Network Security Expert (NSE) program is an eight-level training and certification program that is designed to provide interested technical professionals with an independent validation of their network security skills and experience.,
NSEL NetFlow Secure Event Logging
 NSX Does not stand for anything! It’s the next iteration of the VMware virtualisation platform ESX, common opinion is the ‘N’ denotes network.
NTFS New Technology File system: Introduced with Windows NT4, a method of securing files on storage media.
NT New Technology: Released as Windows NT 3.1 (1993). The most well known is Windows NT4 (1996). Its still a system in use today (Windows 7 and Server 2008 R2 is denoted as NT 6.1).
NTLM NT LAN Manager: A Microsoft suite of protocols that provide authentication, integrity and confidentiality.
NTP Network Time Protocol: Used to synchronise system clocks on network devices. It runs over UDP port 123.
NVRAM Non-Volatile RAM: A term usually used with routers to describe RAM that contains information that will not be lost when the device is powered off, these days we would call it flash memory. But you will still see this term used in router documentation.
OAB Offline Address Book: Generated by Microsoft Exchange Server and downloaded to Microsoft Outlook clients for use in cached mode.
OCSP Online Certificate Status Protocol: Used by a CA to answer certificate revocation requests.
ODBC Open Database Connectivity: A standard method of accessing a database. Usually configured on a client that has software that needs a database ‘back-end’ on another server or machine,
OEM Original Equipment Manufacturer: Someone who produces computer equipment that comes pre-bundled with a Windows operating system. Note: A Windows OEM code will NOT work on Volume Licensed Software
OOBE Out Of Box Experience: The name Microsoft gives to the process you go through when you first setup a copy of Windows.
OS Operating System: The software between the hardware and you, on a PC it would be Windows or Linux, on a Hardware device it is probably vendor specific i.e. Cisco ASA OS 7.2(2)

Open Systems Interconnect: Is a conceptual model used to teach/design and build networked systems. It is an seven layer model;

1. Physical
2. Data Link
3. Network
4. Transport
5. Session
7. Application

I memorise the layers using the following Mnemonics;

Please, Do , Not, Throw, Sausage, Pizza, Away.
All, People, Seem, To, Need, Data, Processing.

OSPF Open Shortest Path First: An ‘interior’ routing protocol for IP networks. It is a ‘link state’ protocol that groups networks into groups called AS groups.
OTP One Time Password: Used in cryptography to obtain a certificate.
OU Organisational Unit: This is a container used in Directories like Active Directory or Novell Directory Services, can be used to hold directory objects like users, servers or printers etc. They can also be used to apply GPO
OVA Open Virtualisation Appliance: A packaged OVF folder, (compressed via TAR).
OVF Open Virtualisation Format: A method of “Transporting” virtual machines, used so that they can be made “Portable”. Normally packaged into an OVA File.
OWA Outlook Web Access: The web front end to Microsoft Exchange. After Exchange 2010 this is now called Outlook Web App.
P2V Physical to Virtual: The act of converting a real machine top a virtual one.
PAK Product Activation Key: a License key used by Cisco, to enable/add features to a Cisco device.
PAP Password Authentication Protocol: Used to authenticate users before network access is allowed.
PAT Port Address Translation: Translating many IP addresses to a single IP address (Used on Cisco firewalls for port forwarding).
PCL Printer Control Language: Is a command language that is used with printer drivers so that applications can send data to a printer.
PCoIP Created by a firm called Teradici, it is a similar protocol to RDP, insofar as it lets you view the desktop of a remote machine and interact with it. It’s the preferred protocol to use with VMware View (after version 4.6).
PDC Primary Domain Controller: Used in Windows NT4 environments, though now in new Active Directory you will still have a domain controller that holds the PDC Emulator FSMO role.
PDF Portable Document Format: Usually opened with Adobe Acrobat (Though other pdf readers exist).
PDM PIX Device Manager: Web management console for Cisco firewalls running OS 6 and below.
PEAP Protected Extensible Authentication Protocol: Takes normal EAP traffic and encapsulates it in a secure TLS tunnel.
PEM Privacy Enhanced Mail: A format for showing a digital certificate, can be sent via email or pasted into a devices configuration looks like this.
PERC PowerEdge Expandable RAID card: Dell’s name for its server RAID cards.
PFS Perfect Forward Secrecy is a method by which new keys are generated, each new key is mathematically linked to the key that came before it, the prior key being a “Grandfather” key. With PFS enabled this link is broken so a key can not be forward/reverse engineered to guess a previous/new key value). Every new negotiation produces a new fresh key.
 PFX Personal Information Exchange Format: File format that enables the transfer of certificates, (and their private keys) from one computer to another, or to removable media.
PHP PHP:Hypertext Processor (confusing eh? The first word of the acronym is the acronym, this is called a recursive acronym). Its an embedded scripting language commonly used in HTML.
PID Process Identifier: The number allocated to processes on a computer running an OS like windows or UNIX.
PING Ping is a command utility that uses the “echo request” part of the ICMP suite of communications protocols, it is used to test network connectivity and the “round trip” time packets take over a network.
PIX Packet Internet eXchange: Cisco’s firewall platform before the ASA was released.
PKCS Public Key Cryptography Standards: A set of encryption and crypto standards published by RSA.
PKI Public Key Infrastructure: A system that uses public and private keys for cryptography. Commonly used for digital certificates.
POE Power Over Ethernet: A method of delivering electric power over a network cable. Used to power devices like IP Phones and Wireless Access Points
POODLE Padding Oracle On Downgraded Legacy Encryption: A ‘Man in the Middle’ SSL Exploit that forces communication over SSLv3. Once done the attacker can initiate multiple SSL connections and decrypt the data. Note: In December 2014, it was discovered were also susceptible to POODLE attacks on TLSv1.0 and TLSv1.2.
POP Post Office Protocol: Method for retrieving mail from a public mail server runs over TCP port 110
POTS Plain Old Telephone System.
PPP Point to Point Protocol: This is a communication protocol that is designed to establish a link between two places, it provides authentication, encryption and compression.
PPPoA Point to Point Protocol over ATM: This is a communication protocol that uses PPP and places , it’s commonly used with ADSL routers.
PPPoE Point to Point Protocol over Ethernet: This is a communication protocol that uses PPP and places that information into normal Ethernet frames, it’s commonly used with DSL and FTTC connections.
PPTP Point to Point Tunneling Protocol: Used to establish a VPN tunnel it runs in IP protocol 47 and TCP port 1723.
 PRF Pseudo Random Function: A system used in modern cryptography, that allows information to be exchanged securely across an insecure network.
PRSM Cisco Prime Security Manager: A Management platform for Cisco Next Generation firewalls and CX devices.
PSOD Pink Screen Of Death: Seen on VMware servers after a crash (like a Windows BSOD only the screen background is pink).
PST A Microsoft Personal Folder File: Usually used by Microsoft Outlook to store mail locally in a file. These can go corrupt/get deleted and cause loss of data, which unlike the data in your email server may not be backed up!
PSTN Public Switched Telephone Network: Old fashioned phone system sometimes referred to as POTS
PuTTY A free popular SSH/Telnet and terminal emulation software.
PXE Pre eXecute Environment: A system in modern PC’s that enable them to be booted from their NIC.
QoS Quality of Service: Is the description or measurement of the overall performance of a service, such as networkign thoughput, or storage performance.
R2 Release 2 (or Second Release), used by Microsoft for major OS releases e.g. Windows Server 2003 R2 and Windows Server 2008 R2
RA Registration Authority: Used on a CA Server running SCEP/MSCEP/NDES.
Remote Access: When used with VPN terminology
RAID Redundant Array of Independent Disks (or Inexpensive Disks depending on who you are talking to). This is a blanket term, for any method of presenting multiple physical disks, and making them appear as a single piece of storage.
RADIUS Remote access Dial In User System: A method of authenticating access to a network.
RAM Random Access Memory: Or volatile memory, provides a PC/server with short term high speed memory.
RBAC Role Based Access Control: Used with Exchange 2010, makes delegating Exchange tasks easier.
RBL Relay Block List / Realtime Black-hole List: A dynamic list of IP addresses and host-names that have been suspected/reported as being either an open relay, or are generating spam.
RBSU ROM Based Setup Utility: Typically found on HP Servers the RBSU is a small BIOS chip for holding the system settings.
RC4 Is a cypher developed by RSA it is easily broken by modern computers thus considered insecure.
RD Remote Desktop, See RDP
RDP Remote Desktop Protocol: A Microsoft protocol that allows the desktop of one machine, to be shown on another machine over a network, can be used for remote assistance, remote administration, or Terminal Services. Runs over TCP port 3389
RDS Remote Desktop Services the new name in Windows 2008 for Terminal Services (TS).
RDX Removable Disk Storage/Backup System (No I don’t know why it has an X!) a Hard Drive based backup solution that behaves like a tape drive.
RFC Request For Comments: These are a collection of memorandums published by the IETF as a method of trying to standardise communication standards and protocols.
RGB Red Green Blue: 15 pin video cable connector (typically blue in color). Used for Monitors and projectors.
RIP Routing Information Protocol: A distance vector IP routing protocol. It works by calculating the number of ‘hops’ to a destination, because of this it does not scale well.
RIS Remote Installation Services: Introduced in Windows 2000, system for deploying (imaging) PC’s and Servers from a central Windows Server (Replaced by WDS).
 RISC Reduce Instruction Set Computer: A CPU architecture that is small and fast because it only runs a smaller set of commands.
RJ45 Registered Jack 45: Is a standard 8 pin network connection.
RODC Read Only Domain Controller (Server 2008 only). A domain controller with a “Read Only” database it caches credentials rather than storing then in case it is stolen.
ROM Read Only Memory: Memory that can not (normally) be written to i.e. CD ROM.
ROMMON ROM Monitor, is a low level bootstrap program used on Cisco devices to check and initialise the hardware then load the operating system.
RPC Remote Procedure Call: A system used on random communication ports to let systems talk to each other.
RRAS Routing and Remote Access: Is a Windows server role, that provides the following, Remote access, Dial up, VPN, NAT, Routing, and Demand Dial services.
RSA Rivest, Shamir and Adleman: An algorithm for public key cryptography.
RSAT Remote Server Administration Tools: Suite of Microsoft MMC consoles for managing servers and domains.
RSOP Resultant Set Of Policy: rsop.msc is a trouble shooting tool on Windows machines to help resolve group policy problems.
RSS Really Simple Syndication: A web based news feed system.
RTFM Read the F***ing Manual!
RTFQ Read the F***ing Question!
RTM Released To Manufacturing
SA Security Association: a secured peer in a site to site VPN

Software as a service is a solution fordelivering applications (usually) over the Internet as a service. This saves you of installing and maintaining software, freeing yourself from complex software and hardware management.


Subscriber Access License: Like a CAL, but typically used when you are covered by SPLA Licensing. A Subscriber Access License (SAL) is required for each unique individual user or device that is authorized to access or otherwise use the licensed products. A separate Server Licence is not needed. Examples of products licensed this way include Windows Server, SQL Server, Exchange Server and Microsoft Dynamics.


Security Assertion Markup Language: Its primary use in online security is it enables you to access multiple web applications using a single set of login credentials. It works by passing authentication information in a particular format between two parties, usually an identity provider (idP) and a web application.


Storage area Network: A Network of storage/disks that is presented as central storage to many devices.

Subject Alternative Name: These are additional names added to a digital certificate, they are used on web server certificates, and unified communications certificates.


Serial attached SCSI used for connecting computer peripherals, currently runs at about 3 Gbps but can run up to 10 Gbps.

Cisco Software Application Support: Support contract for Cisco Software

SASU Cisco Software Application Support plus Upgrades, same as Cisco SAS but with the right to upgrade to the latest version.
SATA Serial ATA: A Standard for connection drives, (Hard Drives and optical drives) its a seven pin socket that connects them to the computers motherboard.
SBLMPAAMH Sit Back, Light My Pipe, And Admire My Handywork: Last stage of any technical project.
SBS Small Business Server: A Microsoft Server platform that includes Exchange (and with some flavours ISA and SQL Server) as the name suggests, for small corporate deployments with less than 75 users/devices
SCCM System Center Configuration Manager: Formally (SMS) Systems Management Server this is a tool for managing large numbers of Windows Machines.
SCCP Skinny Client Control Protocol: A Cisco proprietary telephony protocol.
SCEP Simple Certificate Enrollment Protocol: Designed to make the issuing of digital certificates as scalable as possible.
SCOM System Center Operation Manager: Microsoft monitoring and management solution previously called MOM uses management packs to remotely monitor and manage clients.
SCP Secure Copy: Is a system the relies on SSH and runs over TCP Port 22 to move files from/to a machine securely
SCSI Small Computer System Interface: A set of commands for transferring data between hardware devices, traditionally 8 or 16 devices can be attached to a SCSI bus.

System Center Virtual Machine Manager a management tool for Microsoft’s Hyper-V virtualisation platform. And is part of Microsoft’s System Center product suite.


Secure Digital: A memory card format developed by Panasonic .Basically a small flash memory card also comes as miniSD and microSD. In addition you can also get SDHC and SDXC.

Software Defined: Used with a networking type e.g. SDN Software Defined Networking, or Software Defined WAN.

SDHC SD High Capacity – up to 32 GB capacity.
SDM Security Device Manager: A web based management tool for Cisco Routers.
 SDN Software Defined Networking
 SDWAN Software Defined Wide Area Networking: A fully controlled by a centralised software application, creating a virtual network on top of the circuits, known as an overlay. This can then decide how to route traffic based on application and performance requirements.
SDXC SD Extended Capacity – up to 2 TB capacity.
SFP Small Form Factor Pluggable: This is a transceiver, for Gigabit Ethernet or fiber connections. SFP+ connections can run at 10Gb.

Secure File Transfer Protocol: Essentially FTP secured by SSH.


Signature Fidelity Rating: Used in IDS/IPS used to define the degree of attack certainty.

Software FirepoweR Module: Used in Cisco ASA5506-X and ASA5508-X Next Generation firewalls for firePOWER services.

SHA Secure Hashing algorithm: SHA/SHA1 Produces a fixed 160 bit hash commonly used to check integrity of files. Now superseded by SHA254.
SID Security Identifier: A string of letters and numbers assigned to a windows client as it joins a domain. with older machines there was much panic about needing to strip the SID fro cloned or imaged machines. These days its less of a problem (click here.)
SIM System Image Manager: Is both part of the ADK and the WAIK and used to produce unattended XML answer files for Windows deployment
SIP Session Initiation Protocol: Used for video, voice, and chat networking.

Stock Keeping Unit: Basically a part number, this terminology is used a lot to describe Cisco part numbers, but the term SKU is more of a logistics term.


An (SLA) Service Level Agreement defines the level of service you expect from a vendor, laying out the metrics by which service is measured, as well as remedies or penalties should agreed-on service levels not be achieved. It is a critical component of any technology vendor contract.

The Internet Protocol Service Level Agreement (IP SLA) Object tracking for static routes provides a mechanism to track the connectivity to the destination network via the next hop specified in the static route.


1. Small to Medium sized Business: Also a Cisco Partner Level.

2. Server Message Block: An old Microsoft file sharing protocol, now renamed CIFS

SMS Systems Management Server: this is a tool for managing large numbers of Windows Machines, it’s now been replaced with SCCM.
SMTP Simple Mail Transfer Protocol: Common protocol used for email runs on TCP port 25
SNMP Simple Network Management Protocol A widely used network monitoring and control protocol. Uses UDP ports 162 and 161.
SOHO Small Office / Home Office
SPAN Switch Port ANaliser: A process used on Cisco switches, to copy all the traffic traversing the switch and copying it out of a monitoring port.
SPAP Shiva Password Authentication Protocol: A simple password encryption protocol, used with Windows Server 2003 onwards.
SPF Sender Policy Framework:
SPN Service Principle Name: The name Windows associates itself with when advertising a service.
SPx Service Pack x: Usually written as SP1 for Service Pack 1, SP2 for Service Pack 2 etc.
SPI Security Parameter Index: Label used by IPsec for the end of a VPN tunnel in phase 2 of IKE 2 unidirectional tunnels are created each will have its own SPI number.

Service Provider Licence Agreement: This is where a vendor looks after your Microsoft licensing, for equipment that they host for you. You pay them a fee for their your Microsoft Hosted systems, and they become legally responsible for them.
There are two types of SPLA license 

Per Subscriber: A Subscriber Access License (SAL) is required for each unique individual user or device that is authorized to access or otherwise use the licensed products. A separate Server Licence is not needed. Examples of products licensed this way include Windows Server, SQL Server, Exchange Server and Microsoft Dynamics.

Per Processor: Each Processor License allows an unlimited number of users to access the software that is installed on that processor. Examples include Windows Server, SQL Server and BizTalk Server.

Windows Server OS: Is typically licenced ‘per processor’. Either on a physical/virtual machine (for Standard). Or If you have a virtual Environment then you can licence per ‘Socket’ in the Hypervisors (for DataCenter,) once you get over a few machines it makes sense to use Data Center licenses.

SQL Structured Query Language: Typically a Database system/server, most well known is Microsoft SQL server, or the free MySQL alternative.
SRV Service Locator: A type of DNS record that lets clients on a network, know where services are, and how to access them.
SRX Range of Juniper firewalls, bizarrely stands for Security Routing and Switching.
SSD Solid State Disk: A disk without moving parts, usually using non volatile (keeps whats stored on it when the power is removed,) flash storage.
SSH Secure Sockets Handshake: A secure method of console access, think of it as secure telnet.
SSID Service Set Identifier: Then name of a Wi-Fi network. can be set to either broadcast (visible), or be hidden. But it is still visible in the wireless packets that can be ‘sniffed’ so even a half determined attacker will be able to get it.
SSL Secure Socket Layer: A cryptographic system that used public and private keys to transmit data over a network securely.
 SSO Single Sign On: Single sign-on is an authentication scheme that allows a user to log in with a single ID and password to any of several related, yet independent, software systems.
SSP Security Services Processor: A Hardware card of device that plugs into a Cisco Firewall, like a CSC or a CX module.
SSTP Secure Socket Tunneling Protocol: This essentially allows the use of L2TP and PPP protocols, but does it over TCP port 443 (usually for https). This means it is usually an open port at remote/home locations.
Suite B

Defined in RFC 4869, a set of standards for encryption;

Encryption AES (128 or 256 bit).
Key Exchange ECDH Curve P-256 or Curve P-384
Digital Signature
ECDSA Curve P-256 or Curve P-384
Hashing SHA-254 or SHA-384

SLA Service Level Agreement: An agreement between an IT support organisation and a user of its/their services. OR a command used in Cisco IOS to set up a monitor.
STP Spanning Tree Protocol: A system used on network switches to avoid “loops”
SVI Switched Virtual Interface: An interface that presents an IP address to a group of ports that share the same VLAN.
TAC Technical Assistance Center: Cisco’s third line support, be sure to have a valid support agreement before you ring.
TACACS+ Terminal Access Controller Access Control System Plus: A method of authenticating users to a device, one of the supported AAA options for Cisco devices.
TAR Tape Archive: A file extension for compressed files common formats are .tgz .gzip, or .bzip2
TB Terabyte: Tera means 10 to the power 12, or 1,000,000,000,000 bytes, however in computing terms we work in binary so it worked out as 2 to the power 40, which equals 1,099,511,627,776 bytes.
 TC & TCF Transparency Consent Framework: A mechanism for gaining consent before showing website adverts, or attempting to embed tracking cookies.
TCP Transmission Control Protocol: Connection oriented protocol for data transfer, uses a “3 way handshake” to make sure the traffic gets where its supposed to go.
TELNET Terminal NETwork: A TCP protocol that allows remote users to enter commands on a device runs over TCP port 23.
TFTP Trivial File Transfer Protocol: A Little like FTP, but uses UDP Port 69, commonly used for updating firmware on network devices.
TKIP Temporal Key Integrity Protocol: Used on Wi-Fi networks, usually with WPA to improve the security of the earlier WEP protocol.
TLS Transport Layer Security:Similar to SSL provides encrypted data transfer
 TPM Trusted Platform Module: is a tamper-resistant silicon chip designed to generate, store, and protect encryption keys generally on a computers motherboard.
TrustSec A Cisco network segmentation technology, it’s used to protect assets, such as data, applications, and mobile devices from unauthorized access.
TS Terminal Services: Microsoft’s “Thin Client” solution for sharing applications. Now called Remote Desktop Services on Server 2008.
 TTL Time To Live: A time limit (usually in seconds) used to define how long a DNS record should be ‘alive’ for. Also used in networking to define how long a packet can remain ‘alive’.
UAC User Account Control: Introduced with Windows Vista, a system designed to stop you running normally with an administrative account
UCS Universal Character Set: A method of encoding characters so they can be sent digitally.
UDP User Datagram Protocol: This is a a transport protocol which operates at the same layer as TCP but unlike TCP it is not connection based, it’s a “Fire and forget” protocol if it does not get to the other end it’s not important.

User Interface: Usually a GUI that with every iteration, someone with change, rename or move things around, rendering your notes, blog posts, and even the vendors own documentation out of date. (Cheers Guys!)

UNC Universal Naming Convention: Used to map network drives and resources e.g. server_nameshare_namefile_name
UPN User Principle Name: Microsoft call this an ‘internet style name’. It is a user and a domain seperated by an @ symbol.
UPS Uninterruptible Power Supply: A device that provides battery backup power when the electrical power fails or drops to an unacceptable level.
URI Uniform Resource Indicator: Used a lot in vSphere to identify ports and services
URL Uniform Resource Locator: A Web address like
USB Universal Serial Bus: A Method of connecting computer peripherals (up to a maximum of 127 devices). USB 1.0 is 1.5Mbps, USB 1.1 is 12Mbps, USB 2 is 480 Mbps and USB 3.0 is 4800 Mbps.
UTC Universal Time Coordinated (Commonly Coordinated Universal Time) is the time taken from Greenwich this can also be called “Zulu Time”.
UTF-8 UCS Transformational Format (8bit) A system for encoding characters so they can be sent digitally
vASA Virtual ASA: A virtual appliance that performs the same fictions as a Cisco ASA firewall.
VAMT Volume Activation Management Tool: A Microsoft tool for managing MAK software license keys. This can also change KMS keys to MAK keys.
VB Visual Basic: A Microsoft programming language. Also used with VBScripting, which uses files with a .vbs extension to run scripts
 VE Virtual Edition: The virtual appliance version of a device that’s usually hardware e.g. a F5 BIG-IP appliance.
VC Virtual Center: A Server that manages your VMware ESX hosts
 VCSA vCenter Server Appliance: A linux appliance for managing VMware clusters.
VI3 Vmware virtual infrastructure version 3
VI Virtual Infrastructure.
VI: Also a text file editor in Unix/Linux.
VIB VMware installation bundle: software and driver packages needed for installing ESX5
VIM Virtual Infrastructure Manager: or VMware vCenter
 VIP Virtual IP address: An IP address that’s used either when HA / Failover is deployed to give a single contactable IP, for several network ‘nodes’. Or an IP address presented, (usually via Proxy ARP) in front of a load balancer or ADC.
VLAN Virtual LAN: A group of network devices that appear to be on a separate network segment, also called a broadcast domain.
VLK Volume License Key: Windows XP/Windows Server 2003 (And earlier) used these keys for multiple activations, they have been replaced with MAK and KMS Keys
VLSC The Microsoft Volume License Service Center, formally called eOpen (here)
VLSM Variable Length Subnet Mask(ing): The process of taking a ‘classfull’ subnet mask, and the ‘borrowing’ further bits from the host portion to make more subnets.
VM Virtual Machine: A group of files that when read by some software like VMware, VirtualPC, Hyper-V, or XenServer looks and behaves like a real physical machine.
VMDK Virtual Machine Disk: VMware format for storing hard drives for virtual machines.
VMFS VMware file system: Used so that multiple hosts can access the same storage at the same time, it uses a system of “Locks” on each file so only one host access the data at any one time.
 vMotion A Vmware system for moving a running virtual machine from one ESX host to another ESX host. You can also use “Storage Vmotion” to move a running virtual machine’s files and hard disks to another piece of storage.
 VNC Virtual Network Computing: A remote desktop solution that works across Windows/Linux/macOS etc.
vNIC Virtual NIC
 VPG Virtual Protection Group: Zerto Virtual Protected Group, is a group of servers protected by Zerto through replication.
VPN Virtual Private Network: A secure link that carries sensitive data over a public network, the data is protected by encryption.
VPS Virtual Private Server: A VM that provided for you for a monthly or yearly fee.
 VRA Virtual Replication Appliance: A virtual appliance installed on each hypervisor hosting virtual machines to be protected or recovered, that manages the replication of data between the protected and recovery sites.
VRF Virtual Routing and Forwarding: A technology that allows routers/switches to host multiple routing tables at the same time.
vSphere VMware’s cloud operating system formally called VI3
VSC Virtual Service Community: Used on HP wireless networks this is a collection of network settings.
VSS Windows Volume Shadow Services: System used by Microsoft for backing up data.
VT-x Intel’s processor Visualization technology, Originally code named “Vanderpool” it needs to be enabled on some machines in their BIOS/RBSU/CMOS
WAIK Windows Automated Installation Kit: A suite of tools from Microsoft for imaging and deploying Windows systems. With Windows 8 this has now been replaced with the ADK
WAN Wide Area Network: A network that connects geographically distributed LANs. Also the external port on a router or firewall.
WAP Wireless Access Point,: A Device for connecting wireless network hosts to a wired network, or for ‘bridging’ them onto another network.
WCF Windows Communication Framework: This is a Windows Server 2008 feature that runs under .net
WDS Windows Deployment Services: A system for deploying (imaging) PC’s and Servers from a central Windows Server (Replacement for RIS).
WEP Wired Equivalent Privacy: A security protocol used by Wi-Fi networks. Its not considered as secure as WPA, because of an inherent fault in the way it uses RC4 to generate keys. Its easily defeated and should NOT be used to protect sensitive data.
 WID Windows Internal Database: Sometimes referred to as ‘SQL embedded’, it’s the database engine built into Windows Operating systems.
Wi-Fi Wireless Fidelity: A term used to describe various net worked devices on a WLAN connected wirelessly.
WindowsPE Windows Pre-Execution Environment: A cut down version of Windows that can be run from USB drive, CD, or deployed from WDS.
WINS Windows Internet Naming Service: A legacy Microsoft method of resolving computer NETBIOS names on a network.
WLAN Wireless Local Area Network (See LAN)
WMI Windows Management Instrumentation: Is a system that programmers can use to talk to and get information from Windows systems. And also to remotely manage those systems.
WPA Wi-Fi Protected Access: A security protocol used to secure wireless networks, its considered more secure than its predecessor WEP, because WPA uses TKIP integrity to change the secure key used. It can also use EAP.
WSUS Windows Server Update Services: Free update and patch management system for Windows servers and applications.

World Wide Web: A collection of text and graphics displayed in a web browser, what most people would call the Internet

www is also the Cisco reference to TCP Port 80 (http)

x509 A Standard for PKI and digital certificates.

XBOX Media Center: Software originally developed for the XBox, but now available for install to Windows and Linux as a Media Center Suite.

Also available as XBMCbuntu (a complete XBMC install built on a cut down version of Ubuntu Linux).

XML eXtensible Markup Language:A structured way of presenting information, that uses tags much like HTML
ZAK Zero Administration Kit: Introduced with Windows NT4.
 ZVM Zerto Virtual Manager: An application that manages replication at the site level. The ZVM monitors either the vCenter Server or System Centre Virtual Machine Manager to get the inventory of VMs, disks, networks, hosts, etc.
ZIP A term used to describe the process of compressing many files/folders and putting then in a compressed “Archive” folder. “.zip” is a file extension for an archive though there are more archive types, e.g. .RAR, .CAB, and .TAR are common examples.