Network terms

Port-to-application mapping (PAM) refers to a process that associates specific network ports with the applications or services that use them.

T1 line refers to a type of fiber optic telephone line that can handle more data than traditional telephone lines.

Demand Assigned Multiple Access (DAMA) refers to a particular channel access method, essentially, rules and protocols that determine how multiple users can share communication channels.

A reverse proxy is a server that acts as a middleman between clients (such as web browsers) and backend servers that host websites and web apps.

A RESTful API is an interface that allows two computer systems to communicate and exchange information safely.

Remote Direct Memory Access (RDMA) is a technology that allows computers in a network to exchange data directly from their memory without involving the CPUs.

Hybrid WAN refers to a networking architecture model that creates a unified network infrastructure by combining multiple connection types and technologies.

A network meltdown is a severe disruption of network services by a dramatic slowdown or complete halt of its traffic.

Mobile-to-mobile convergence (MMC) refers to a framework for integrating mobile devices and improving their communication directly with each other, sharing resources, and providing a unified user experience across various devices.

Zero trust is an IT security model based on the “never trust, always verify” concept.

Zero-configuration networking (zeroconf) refers to a set of technologies allowing network devices on a local network (such as home or small office) to automatically configure themselves.

A workgroup bridge is a networking device that extends the Wi-Fi network coverage by connecting a wired network to a wireless network.

A wildcard mask is a method network administrators use to help them identify or select specific groups of IP addresses.

A webhook is a custom callback implemented in a web page or a web application.

Web mapping is the creation of interactive maps that users can access over the internet.

A WAN is a collection of smaller local area networks (LAN) linked together for a specific purpose.

A WAN port is the socket on a router that’s wired to an external network.

A WAN optimizer refers to a networking apparatus or software designed to enhance the performance and effectiveness of wide area networks (WANs) by fine-tuning data transmissions between devices.

A WAN mini port is a software driver for Windows XP (and later versions) that allows devices to connect to wide area networks (WANs).

WAN aggregation is the process of combining multiple Ethernet links into a single logical connection between two devices.

Regarding cybersecurity, a walled garden refers to a controlled environment with boundaries and limited access to a network, system, or various applications.

Wake-on-LAN (WoL) refers to a feature that allows a computer to be turned on remotely through a network connection.

VoIP gateway is a network device that converts voice and fax calls, in real-time, between the public switched telephone network (PSTN) and an IP network.

Voice over long-term evolution (VoLTE) refers to a standard for high-speed wireless communication for mobile phones and data terminals improving upon traditional 2G and 3G networks.

A VLSM (short for “variable length subnet mask”) is a computer networking technique to divide an IP network into subnets with different subnet masks.

VLAN tagging is a method used to identify packets belonging to different virtual LANs (VLANs) on a network.

Visitor-based networking (VBN) is a technology that enables users to connect to a local network or the internet without the need for traditional Wi-Fi.

Virtual teletype (VTY) is a command line interface that gives users access to a device's control plane, most often in network devices like routers and switches.

Virtual routing and forwarding (VRF) is a technology that allows several routing tables to coexist in a single router.

Virtual private LAN service (VPLS) is a technology that enables the creation of a virtual local area network (LAN) across a wide area network (WAN), such as the internet.

Virtual networking is a technology that makes it possible to create virtual versions of physical computer networks.

Virtual network adapters work like physical network interfaces but in a digital way.

A virtual IP address (VIPA) is an IP address that is not connected to a physical adapter or physical network interface.

A virtual channel identifier is a unique number used in data networks to differentiate and route data streams.

Very high-speed digital subscriber line (VDSL) refers to a type of internet connection that significantly improves the speed of data transmission over traditional telephone lines.

vCPE is a network architecture model where traditional hardware-based customer premises equipment, like routers, firewalls, and switches, are replaced with software-based equivalents.

A vampire tap is a device used to establish a connection to a network cable without cutting or disrupting the cable's data flow.

A UTM network, short for unified threat management network, is a holistic solution merging various security capabilities within one unified system or platform.

A user agent is a type of software that acts as an intermediary between a user and a network service, like a website.

Usenet is one of the oldest computer network communication systems.

A Uniform Resource Name is a permanent identifier within the broader Uniform Resource Identifier (URI) system.

A uniform resource identifier (URI) is a character sequence that identifies a physical or logical (abstract) resource connected to the internet.

A unicast address represents a distinct IP address allocated to an individual device within a network, enabling direct communication on a one-on-one basis between the sender and recipient.

A trunk port is a specific port on a switch configured to transmit data traffic for multiple VLANs (Virtual Local Area Networks) by encapsulating the traffic with unique VLAN tags.

A transponder is a device used to receive electrical signals and emit different signals in response.

A transparent proxy is a server positioned between the user’s device and the internet that filters, authenticates, and caches the user’s traffic without any knowledge or setup on their part.

A transparent bridge serves as a networking apparatus that links a minimum of two network segments, facilitating the transfer of data between them without changing or modifying the data packets.

TRANSEC is the process of making sure data transmissions can't be infiltrated or intercepted by a person, application, or device.

A transceiver is a device that can be found in fiber optics networks.

Traffic shaping is a network traffic management technique used to control and prioritize traffic, optimize network performance and ensure efficient bandwidth use.

A token ring is a communication pathway used in local area networks (LAN) to connect devices and allow them to exchange data.

A token ring network is a type of local area network (LAN) that connects devices in a circular or star shape.

Throughput is the amount of information a system can process in a given amount of time, measured in bits, bytes, or data packets per second.

A terminal node controller (TNC) is a device that acts as an interface between a computer and a radio to facilitate data communication over amateur radio networks.

A terminal adapter is a device that acts as a bridge between a digital device and an analog network, enabling communication between the two.

Telecommunications equipment refers to devices and systems that facilitate communication by transmitting, receiving, or processing information via electronic means.

Tarpitting is a technique used to slow down or delay email spammers or other automated systems that attempt to abuse a network service by sending a large number of requests.

A T3 line, sometimes called a DS3 line, is a speedy digital connection commonly used for transferring large volumes of data.

System migration refers to the process in which a customer transfers data, applications, or IT resources to a relatively newer environment.

Synchronous optical networking (SONET) is a widely accepted standard for the conveyance of digital information across fiber-optic networks.

Synchronous data transmission means sending data between devices at a fixed rate.

A switching loop is a network condition where the interconnections between switches and bridges create a looped path for data packets.

A switching fabric is a network topology where the network nodes are connected to each other using one or more switches (usually crossbar switches).

Supernetting is a technique in computer networking for combining multiple smaller network addresses into a single larger network address.

Subnetting is a technique in computer networking that divides a single IP network into multiple smaller subnetworks, known as subnets.

A subnet (also known as a subnetwork) is a small network within a large one.

A stub network is a local area network (LAN) that does not connect to the outside.

Streaming network telemetry is the process of continuously monitoring, analyzing, and collecting data from network traffic in real-time.

A store-and-forward manager is a system that receives, stores, and then forwards a message or data to its final destination.

A sticky session, also known as session affinity, refers to the practice of load balancing where user requests during a session are directed to the same server.

Static routing is an IP-based routing system that relies on manually configured routing tables to function.

Static NAT is a technique for routing traffic from an external static public address to an internal private (unregistered) IP address.

A static IP is an IP address that doesn’t change over time.

SSL offloading, alternatively called SSL termination, involves assigning the computing responsibility of coding and decoding Secure Socket Layer (SSL) data to a distinct device, often a specially dedicated hardware unit.

Splinternet, or cyberbalkanization, is the division of the internet into smaller, isolated networks, often because of regional, political, economic, or regulatory reasons.

Space shifting, or place shifting, enables you to stream media content like live TV broadcasts, recorded videos, or music from your home media setup to any other device.

Source routing is a technique in which the sender specifies the route the data packet will take through the network.

Software-defined networking (SDN) is a network management and design approach separating a network's control and data planes.

Software-defined infrastructure (SDI) is where the setup and management of networks, storage, and servers are controlled by software without human involvement.

Sneakernet refers to a term used to describe the transfer of electronic information, especially large computer files, by physically carrying removable media such as magnetic tape, CDs, DVDs, USB flash drives, or external hard drives from one computer to another.

A SIP proxy is a proxy that is responsible for the management of all the SIP calls in an organization’s network.

A signaling gateway (SGW) is a network element that translates signaling messages from one protocol to another.

Shortest path bridging (SPB), defined in the IEEE 802.1aq standard, is an advanced network technology used for simplifying the creation and configuration of complex network topologies.

Shared resources refer to computing resources that multiple users, applications, or systems share, such as hardware, software, and data.

A shared proxy is a proxy server used by multiple users at the same time.

A shared IP is an IP address shared between multiple dissimilar domains.

Shared call appearance is a telephony feature that allows a single telephone number to be assigned across multiple devices.

The session layer is the fifth layer in the Open System Interconnection (OSI) model.

A session border controller (SBC) is a network device that manages voice, video, and messaging communications over IP networks, ensuring that they are safe and private.

A server farm, often known as a data center, is a large collection of servers housed together in one or more physical locations.

A serial server is a networking apparatus that facilitates interactions between serial devices and various other equipment, like computers or additional network components, across an Ethernet network.

Serial communication is a method of sending and receiving data between devices one bit at a time and in a sequential order, over one communication channel.

SerDes is not a cybersecurity-specific tool but is instead used in communication and networking systems.

A semantic network is a structured representation of knowledge that connects concepts using nodes and links.

Segment routing is a network routing method where data packets are forwarded along a path specified by the source node (the originating router or edge device).

Security perimeter in cybersecurity includes multiple security solutions that you can use to protect your network from hackers, cyberattacks, and other unauthorized access.

A routing table is a database of rules for directing data packets over an Internet Protocol (IP) network.

A routing loop is a common problem in computer networks that occurs when data packets get trapped and continuously move around between routers without reaching their intended destination.

The Routing Information Field is a key element in network packets, central to various routing protocols.

Route summarization or route aggregation is used for network management in cybersecurity.

Route poisoning is a computer networking technique to prevent routing loops in dynamic routing protocols (such as the Routing Information Protocol or RIP) and maintain network stability.

Route flapping is an issue that occurs in computer networking and telecommunications and refers to a router continuously fluctuating in a short time period while it is routing traffic.

Round-trip time (RTT) is the millisecond duration for a packet of data to travel from the source to the destination and back.

A rotating proxy is a type of proxy server that automatically changes the IP address it assigns to a user after a certain period or after each request.

A rogue device refers to an unauthorized piece of equipment that connects to a network without approval, posing a threat to the network's security.

A ring network is a type of network where each device is connected to two others to form a ring — the last node is connected to the first to complete a loop.

RFC1918 are IP addresses assigned to an internal host by an enterprise.

Reverse-path forwarding is a technique in modern routers that ensures efficient packet routing and enhances network security.

Repeater is a type of network node that amplifies incoming signals and rebroadcasts them over a wider area or higher network layer than the original signal.

A remote user is a person or entity who accesses a computer, network, or tool from a remote location, not from the physical site of the system.

A remote shell (or terminal) is a tool that allows users to access and control a device or server from a remote location.

Remote infrastructure management (RIM) refers to a practice in which an organization's IT infrastructure, including servers, networks, and databases, is monitored and managed remotely by a team of experts.

A remote device is a piece of hardware, usually an electronic device, or a software application that can control another device from far away using a wireless or network connection.

A remote desktop is software that allows users to operate another computer’s desktop environment from their own device.

A remote access server is a type of server that allows users to connect to a network from a remote location.

In networking, a relay node is a component that serves as an intermediary for transmitting data between different parts of a network.

A regional internet registry is an organization that performs a crucial role in managing and distributing internet resources, such as IP addresses and AS numbers, within a specific geographic region.

A reference architecture offers a standardized framework for system design.

Real-time communications refer to any form of communication that enables users to interact with each other instantly with little to no delay.

Radio over Internet Protocol (RoIP) is a technology that enables the transmission of radio signals over the internet, enabling long-distance communication and features not typically available with traditional radio systems.

Queries-per-second is a metric for measuring how fast a computer system can handle incoming requests.

Quality of service or “QoS” usually refers to a tool that manages network resources to guarantee better performance for some critical tasks over the less important ones.

PvP is a type of gameplay where players compete against each other in a game or activity.

The public switched telephone network (frequently shortened to “PSTN”) is the global network of telephone lines for voice and data communications.

A public proxy is a type of proxy server that anyone on the internet can access and use.

Generally, a public network refers to any accessible network to any user without restrictions.

A public IP is an IP address that can be easily accessed over the internet.

Pseudowire (PW) is a telecommunications and networking mechanism that emulates a point-to-point, or a circuit, connection over a packet-switched network (PSN).

Proxy surfing is the act of accessing the internet while connected to a proxy server.

A proxy agent is a middleman sending client requests to other servers or resources and then bringing responses back.

Propagation delay refers to the amount of time it takes for a data packet to travel from the sender to the receiver across a network.

Promiscuous mode is a network card configuration that passes all traffic received to the network adapter driver and protocol stack.

A programmable network is a network infrastructure that allows customizing and controlling network behavior through software.

A private proxy, also known as a dedicated proxy, is a type of proxy server designated for a single user's exclusive use.

A private branch exchange is an organization’s internal telephone system.

The presentation layer is the sixth layer in the Open System Interconnection (OSI) model.

PPPoE is a network protocol that encapsulates Point-to-Point Protocol (PPP) within the Ethernet link-layer protocol.

Power usage effectiveness is a data center’s energy efficiency.

Power over Ethernet (PoE) is a technology that includes multiple standards or ad hoc systems.

Port triggering is a networking technique used to dynamically open specific ports on a router or firewall when certain outbound traffic is detected.

Port scanning is a technique used to discover open ports (communication endpoints for sending and receiving data) on a computer network.

Port mirroring is a technique that copies and sends network packets from one port to another.

A port mapper acts as a coordinator on a network.

Port address translation is a form of dynamic network address translation that allows multiple users on the same private network to use a single public IP address when they need to leave the private network and use the internet.

Port 80 is the default network port for web servers using HTTP.

Point of presence (POP) refers to a physical location where the internet service provider (ISP) connects to its customers.

Ping is a tool that is used to test the reachability and existence of an IP address.

A ping sweep is a network scanning method or technique that has the ability to determine which IP addresses from an IP address range should live on hosts.

The physical layer is the first and lowest layer in the Open System Interconnection (OSI) model.

A physical address, or MAC (media access control) address, is a unique identifier assigned to a network interface controller (NIC) in a device for communication on a network segment.

A personal web server (PWS) is a software program that allows a person to host a website or web application on their own computer.

A personal area network (PAN) is a small network for connecting devices like smartphones, laptops, and wearable gadgets within a short range, often around a person.

A permanent virtual circuit refers to a specialized network connection that functions like an exclusive data expressway, ensuring efficient communication between two predetermined locations in various technologies.

Perimeter security refers to the measures that protect a network’s perimeter from unauthorized access, invasion, and data theft.

Peering is the voluntary connection between autonomous systems (the separate and distinct networks that make up the internet) for the purpose of exchanging traffic without third-party involvement.

Peer-to-peer (P2P) is a decentralized networking architecture in which unique devices, or peers, directly share resources and data with each other without the need for a central server or authority.

PathPing is a powerful tool for network diagnostics that combines the functionalities of 'ping' and 'traceroute' to provide detailed information about network paths and performance.

Passive optical network or “PON” refers to technology that uses optical fibers and passive components, known as splitters, to connect many internet users via a single PON port.

Particle Swarm Optimization is a computational method that optimizes problems by simulating social behaviors like those of birds in a flock.

Parallel data transmission involves sending multiple bits of data simultaneously across multiple communication channels.

Packet switching refers to breaking data into small chunks, which are then sent over the network, making the transfer more secure and efficient.

A packet-switched network is a digital communication network that first breaks down data into small packets and then transmits each packet individually from the source to the end node via a network channel.

Packet sniffing is the inspection of online traffic flowing across the network.

A packet sniffer is a tool, whether in software or hardware form, that captures and analyzes data packets transmitted over a network.

Packet loss is the failure of one or more data packets to reach their destination during network transmission.

Packet coalescing is a process of merging network packets to decrease the number of system interrupts.

Packet capture is the process of recording IP (Internet Protocol) packets for analysis or review.

A packet buffer is a temporary storage area for data packets in a computer or network device.

Overlay network refers to a computer network that is built on top of an existing network infrastructure.

In general terms, Over-the-Top Application (OTT app) refers to various applications and services provided over the Internet instead of traditional methods, such as general providers.

The OSI model is a conceptual model created by the International Organization for Standardization for enabling different systems to communicate by using standard protocols.

An optical line terminal is the endpoint hardware device in a passive optical network (PON).

An open port is a network port that’s configured to accept all incoming connections.

An .onion domain is the address of a website that can only be accessed through the Tor anonymity browser.

On-premises software is any software installed and operated within an organization's own physical infrastructure or data centers.

An object request broker (ORB) is software that translates requests from one computer or program to another.

Null authentication is a method for accessing a system without any form authentication information (such as a username, password, or authentication token).

NRZ, or Non-Return-to-Zero, operates as an encoding scheme in various data transmissions, especially in the context of cybersecurity and communication systems.

Node is any networked computer or device that delivers, receives, or redistributes data.

Nmap is a free, open-source tool network administrators use to map out the devices their systems are running, find open ports and available hosts, and identify security risks.

The next hop is the next immediate router or gateway in the path taken by data packets as they travel through a network.

Network virtualization is the process of abstracting network hardware into software processes to create a virtual network.

Network transparency refers to the ability of a system to treat remote resources as if they were local.

Network traffic analysis involves observing, evaluating, and examining network data to detect and evaluate security risks, performance concerns, and other possible issues.

Network topology refers to the arrangement and interconnection of various components within a computer network, including nodes (computers, switches, routers) and links (wired or wireless connections).

Network-to-network interface (NNI) refers to the point of interconnection between two or more separate networks, allowing them to communicate with each other.

Network throughput is the amount of data that can be transferred over a network in a given period of time, usually measured in bits per second (bps) or bytes per second (Bps).

A network termination unit (NTU) is a device that serves as the endpoint or boundary of a network.

Network software coordinates communication between computers and other devices.

A network socket is a virtual plug that enables applications and devices to communicate.

Network sniffing is a process that involves capturing, examining, and observing data packets as they travel through a network.

Network slicing refers to a type of network architecture that allows for the creation of multiple virtual networks on top of a common shared physical infrastructure.

A network service provider is a company or a business that offers network access to commercial internet service providers (ISP) and large companies.

A network segment is an isolated or separated part of a computer network.

Network security architecture is the design and implementation of all the strategies, technologies, and practices used by a particular organization to protect its computer networks from cyber threats.

Network scanning is a process used to identify active devices (hosts), services running on them, and other details about the system and network.

Network resilience pertains to the capacity of a network to uphold its performance and functionality when faced with unforeseen incidents like cyberattacks, acts of nature, or equipment malfunctions.

A network processor (NPU) is an integrated circuit with a feature set specifically targeted at the networking application domain.

A network prefix is a number that identifies the network portion of an IP address.

A network port is a communication endpoint on a computer or network device.

Network optimization is using various strategies and technology to improve network performance.

A Network Operating System is software that oversees digital connections.

A network node manager (NMM) is a program that enables a network manager to oversee, maintain, and manage the components of a particular network.

A network map, or network mapping, represents the physical and virtual connections between the nodes within a network.

A network management system (NMS) is software that allows network administrators to monitor, maintain, and manage computer networks.

The network layer is the third layer in the Open System Interconnection (OSI) model.

A network interface card is a hardware component that connects a computer to a network.

Network intelligence is a technology that allows networks to collect, analyze, and interpret data or information about their own operations and traffic.

Network infrastructure is the collection of hardware and software components of a computer network.

A network information system is a directory service protocol used to provide uniform configuration files to a network.

A network ID is the portion of an IP address that identifies which TCP/IP network the host resides on.

A network hub is a networking device that connects multiple computers or devices across the local area network (LAN) and broadcasts data to each connection.

Network function virtualization (NFV) is a network architecture concept that replaces the hardware network’s need to function with virtual machines.

A network frame is a segment of data.

Network discovery is the process of identifying and finding devices, resources, or services within a computer network.

Network degradation is a decline in network responsiveness, connectivity, and overall performance, resulting in a deterioration of network quality.

Network convergence is the process of integrating different types of communication networks, like data, voice, and video, into a single network infrastructure.

Network connectivity is an extensive and comprehensive process by which various parts of a specific network connect with one another.

Network congestion is a condition that occurs when the volume of data traffic in a network exceeds its available capacity, resulting in reduced data transfer speeds, increased latency, and potential data loss or packet drops.

Network configuration management is the process of monitoring, maintaining, and modifying the configuration of devices connected to a network.

A network bridge is a device or software that connects two or more network segments, allowing devices on separate networks to communicate as if they were on the same network.

A network bottleneck refers to a situation in which limited capacity or bandwidth constrain the flow of data between two or more devices or components.

Network automation refers to the use of software to automate network functions.

A network administrator is a professional tasked with managing and maintaining an organization’s computer network.

A network adapter is a hardware component or apparatus that links a computer or alternate electronic equipment to a network, enabling communication with other devices on the network.

A network access server is a specialized server that acts as a gateway to a larger network.

A netsplit transpires when communication disruptions between servers within an Internet Relay Chat (IRC) network lead to the network fragmenting into two or more distinct networks.

NetScaler, now known as Citrix ADC, is a high-performance application delivery controller (ADC).

A netmask is a 32-bit binary mask that divides an IP address into subnets or smaller networks and defines networking rules in routers and firewalls.

NetFlow is a network protocol designed for collecting IP network traffic data that enters or exits a particular interface.

Netcat (nc) is a free, popular, and versatile command-line tool that allows users to read from and write to network connections.

NetBIOS, or Network Basic Input/Output System, is an API (application programming interface) that enables communication between computers on a local network.

NAT64 — or Network Address Translation IPv6 to IPv4 — is a technology that allows devices using the newer Internet Protocol version 6 (IPv6) to communicate with devices using the older Internet Protocol version 4 (IPv4).

NAT traversal is a technique that allows devices behind a NAT (network address translation) device to communicate with devices outside the NAT network.

NAT loopback, also known as hairpin NAT, is the feature where a router can route a network request from a device back within the same network rather than directing it to the internet.

NAS (network-attached storage) is networked storage that allows multiple users and client devices to access data from a centralized disk capacity.

Narrowband is a limited-capacity communication type that uses a narrow range (or band) of frequencies to transmit information.

N-tier architecture is a software architecture model that separates distinct areas of functionality into individual tiers or layers.

Mutual authentication is a security process where both the server and client validate each other's identities before initiating a connection.

Multiprotocol Over ATM allows various network protocols to transmit over Asynchronous Transfer Mode networks, combining ATM's speed and quality with the versatility of protocols like IP.

Multiprotocol label switching (MPLS) serves as a tool to accelerate and regulate data traffic movement within a network.

A multilayer switch (also known as a layer 3 switch) is a networking device that combines the functions of a traditional layer 2 switch with those of a Layer 3 router.

A multicast router (mrouter) is a network device that is responsible for forwarding multicast traffic.

A multi-tier application is an application that splits its functions across separate layers, meaning developers can change one section without affecting others.

Multi-homed refers to a system or device that is connected to multiple networks simultaneously.

A multistation access unit (MSAU) is a networking device that connects multiple devices in a Token Ring network.

The MPOE (minimum point of entry) is the closest point where the wires of a telecommunications provider (e.g., a cable company) enter or pass through a property/building.

Multiprotocol label switching (MPLS) is a data forwarding technology enterprises use to connect their remote sites.

Moves, adds, and changes are routine actions that tech teams have to take in order to keep the equipment running, up to date, and in line with user requirements.

A modem is a device that allows computers to transmit data over analog transmission mediums like telephone lines or cable networks.

Mobile virtual network operator (MVNO) refers to a company that provides mobile phone services but does not have its own licensed frequency allocation of the radio spectrum, nor does it necessarily have the entire infrastructure required to provide mobile telephone service.

A mobile proxy refers to a variant of proxy servers leveraging IP addresses allocated to mobile gadgets by mobile ISPs.

A mobile ad hoc network is a decentralized self-configuring wireless network of mobile devices (such as laptops, smartphones, and tablets) connected by wireless links.

Micro-segmentation is a network security technique that divides a network into multiple isolated segments or zones.

A metered connection is a way to measure the amount of internet data used.

Message switching is a network switching technique that transmits the entire message from one node to another without breaking it into smaller parts (packets).

Message passing enables processes, threads, and systems to send and receive messages in a concurrent, parallel, or distributed computing environment.

Message-oriented middleware (MOM) is a way for distributed systems to send and receive messages (data packets) to each other.

A message broker, also known as middleware or a message queue, is a software application that mediates communication between two or more independent systems.

Mesh topology is a network design in which each node (computer, device, or switch) is directly connected to every other node in the network.

A mesh node is a WAP (Wireless Application Protocol) device with multiple radio systems that acts as a mesh router and endpoint (e.g., a PC, smartphone, or printer).

Mesh networking is a decentralized network topology that allows multiple nodes (devices) to connect and communicate with each other directly or indirectly.

A member server is a computer in a network that belongs to a domain (typically in a Windows Active Directory environment) but does not hold the role of a domain controller.

A media access unit (MAU) is a standalone device that acts as an Ethernet transceiver when connecting network nodes in local area networks LAN).

Manchester encoding in cybersecurity refers to a specific data encoding method usually used for transmitting data over a communication channel.

A management information base is a database with information about a network’s software and hardware components.

A managed data center is a facility where computing and networking equipment is centralized.

A metropolitan area network (MAN) is a network connecting local area networks (LAN) in a confined geographic area, typically a city.

A main distribution frame is a central point in a telecommunications system where the incoming lines are connected to an internal network through intermediate distribution frames (IDF).

Magnet link is a hyperlink used to download data and files via peer-to-peer (P2P) networks.

A MAC address is a set of numbers and letters that identify a network device.

The LSDB, short for link state database, is a vital part of the OSPF (Open Shortest Path First) protocol, primarily used for routing purposes within large and complex networks.

Low latency refers to the amount of time it takes for a system to process and respond to a request.

A loopback plug is a hardware component engineered to assess and resolve issues in network interfaces by emulating a network connection without directly linking to an external apparatus.

A loopback address is an IP address you can use to loop and return data packets through a network interface card.

LonWorks is a networking platform that lets devices from different manufacturers communicate and work in a single system.

Logical topology refers to the abstract representation of how data flows and is transmitted within a network, independent of its physical layout.

Logical network refers to the way a network appears to a user, without regard to the actual physical layout or connection methods.

A localhost is the hostname of a computer that is currently being used to execute a program in which the computer is acting in the capacity of a virtual server.

A local area connection is a network connection established to access the internet.

A load balancing router is a network device that distributes network traffic across multiple servers to optimize resource usage, improve response times, and minimize downtime.

A load balancer can be either a networking device or software, and allocates network traffic among numerous servers to maximize resource usage, reduce latency, and guarantee system dependability.

Link Aggregation Control Protocol (LACP) is a technique to bundle several physical network links together.

A leased line is a private, dedicated telecommunications channel with a fixed bandwidth between two or more sites.

Leaf-spine architecture is data center topology with two switching layers — a leaf layer and a spine layer.

A layer 4 switch functions at the transport layer (layer 4) within the OSI model, empowering it to determine routing based on information from both the network layer (layer 3) and the transport layer (layer 4).

LAN Switching involves using a device called a switch to connect and manage data traffic between devices in a Local Area Network (LAN).

A Label Edge Router is situated at the boundaries of an MPLS network, handling data packet labeling and delabeling as traffic enters or exits the network.

Key-based routing is a method responsible for permitting access to resources and communications paths via specific cryptographic keys.

Keepalive is a networking feature that keeps a connection between two devices open for an extended period of time, even if no data is transmitted.

Jump server refers to a secure computer that spans two or more networks, allowing users to connect to it from one network, and then “jump“ to another network.

A jumbo frame is an ethernet frame with a data payload larger than 1,500 bytes, which is the limit for standard IEEE 802.3 frames.

Jitter is the variation in the delay of data packets sent over a network, causing irregular arrival times at the destination.

ISP (internet service provider) is a company that provides web access to customers.

ipconfig is a command-line utility in operating systems like Microsoft Windows, ReactOS, and macOS that displays the current network configuration and settings of a computer.

IP SLA is a feature on Cisco IOS devices that allows network performance to be monitored.

IP reputation refers to the credibility score assigned to an internet protocol (IP) address based on past activities.

The IP Multimedia Subsystem (IMS) is a standardized framework designed to deliver seamless multimedia, voice, and data services over IP networks, enabling interoperability between various devices and networks while ensuring high-quality, real-time communication.

IP multicast is a method of distributing data to a group in a single transmission.

IP forwarding is the process where a router accepts incoming network traffic or packets on one interface and forwards them to their destination after it recognizes that they’re meant for another network or system.

IP Centrex is a cloud-based telephony service.

IP address blocking, or simply IP blocking, is a method of limiting access to certain websites and applications to specific IPs.

An inverse multiplexer (IMUX) splits a high-speed data stream into lower-speed ones.

An intranet is a private computer network that organizations use to provide a safer environment where employees can share data, communicate, and collaborate with each other quickly and efficiently.

Interoperability testing checks whether different systems can effectively interact and share data.

Internetworking refers to the process of connecting different networks to form a larger network.

Internet transit refers to data movement between networks, devices, and autonomous systems (networks operated by organizations, such as ISPs or large corporations).

Internet telephony is technology that allows communication through voice calls, SMS, or fax by transmitting the data over the internet.

Internet routing is the process of sending and re-routing IP packets via the internet between two or more nodes in a network.

Internet Protocol switching is a network technology that combines routing and switching to forward data packets in a network (i.e., to send information).

The internet protocol private branch exchange (IP PBX) is a telecommunication system.

An Internet Protocol address, more commonly referred to simply as an IP address, is a unique numeric address that identifies a single device on a network.

An internet exchange point (IXP) is where different networks, including internet service providers (ISPs) and large-scale content providers, come together to exchange internet traffic.

Internet connection sharing (ICS) is a technique that allows computers to share their internet connection with others.

Internet background noise is internet traffic that internet systems and networks generate without direct user involvement.

The internet backbone is a worldwide internet network owned by several major internet service providers, also known as Tier 1 ISPs.

An interface message processor is a specialized computer that was used to connect networks to the ARPANET (Advanced Research Projects Agency Network).

An interconnection agreement is a contract between two or more parties outlining the terms for connecting telecommunications networks.

Intent-based networking (IBN) is a modern approach to network management that focuses on making networks smarter, more automated, and easier to control.

An intelligent network (IN) refers to a telecommunications network framework engineered to streamline and automate a wide range of network services and operations.

Integration architecture is the design and structure organizations use to connect different software applications, systems, and technologies to work together efficiently.

An integrated service digital network is a type of digital telephone system that allows for the simultaneous transmission of voice, data, and video over the public switched telephone network.

Ingress filtering is a network security mechanism that protects a network by checking and controlling the incoming traffic.

Infrastructure software forms the central framework of computer systems.

In cybersecurity, “Infrastructure security” can be described as structured practices and measures that guard IT systems, networks, software, and hardware assets against various threats.

Inetd, or “internet daemon,” is a super-server daemon in many Unix-like operating systems that provides internet services.

IEEE 802 is a family of standards for local area networks (LANs) and metropolitan area networks (MANs).

I2P is a peer-to-peer (P2P) anonymous network that protects you from censorship, government surveillance, and online monitoring.

Hyperlink is a digital reference to data that a user can explore or be directed to by clicking or tapping on a reference.

A hybrid routing protocol combines the best of both distance-vector and link-state routing strategies.

In cybersecurity, hybrid IT management can be explained as an overall administration and strategic coordination of organization IT infrastructure components that covers on-premise systems, hybrid cloud environments, and edge systems.

A hub and spoke network is a network design that connects multiple devices, called spokes, to one central device, a hub.

A hot server is a device that is actively managing a large and continuous influx of network traffic.

Hot Potato Routing is a network routing method where data packets are passed rapidly from one node to the next with minimal delay — like in the hot potato game.

A host address is a device's individual identifier on a network.

The hop count signifies a measurement that denotes the quantity of intermediate devices, like routers, through which a data packet needs to pass in order to arrive at its intended destination within a network.

A high-performance radio local area network (HiperLAN) is a wireless network that offers quick data transmission within a specific area.

A high anonymity proxy, sometimes called an elite proxy, is a proxy server renowned for providing superior anonymity for the user.

Hamming distance, sometimes referred to as the hamming metric, is a method employed to determine the dissimilarity between two equal-length strings by tallying the number of positions where their respective symbols do not match.

Hamming code is a type of linear error-correcting code that adds extra bits to data in order to detect errors resulting from transmission.

GSSAPI (Generic Security Services Application Programming Interface) is an application programming interface that allows software to access security services (such as authentication, encryption, integrity checking, and secure messaging).

GSM, short for Global System for Mobile communications, is a standard developed by the European Telecommunications Standards Institute (ETSI) to describe the protocols for second-generation (2G) digital cellular networks used by mobile devices.

Global server load balancing, often abbreviated as GSLB, refers to distributing internet traffic across multiple servers geographically distributed worldwide.

A global catalog (GC) is a distributed data repository in Microsoft's Active Directory (AD) systems.

A global area network (GAN) is an extensive network of interconnected networks covering an unlimited geographical area (e.g., the Internet).

A gigabit point of presence (also known as “gigabit PoP” or simply “GigaPOP”) is a high-speed access point, typically used by internet service providers to connect their networks.

Gigabit interface converter (GBIC) refers to a certain type of modular transceiver that is typically used to connect a device, such as a switch or router, to a network via a fiber optic or copper cable.

Geo-blocking is a method of restricting access to online content based on the user's geographical location.

A generic access network (GAN) is a system that makes it possible for your mobile device to connect to the internet or make calls using different types of networks.

A full duplex is a communication mode in which data can be transmitted simultaneously in both directions over a communication channel.

The FTP proxy is a server or software component that allows sending files over the internet safely.

Frequency-division multiple access is a telecommunications technique that allows multiple users or devices to divide a communication medium (such as a radio frequency band) between them.

A forward proxy is recognized in networking and cybersecurity as a server between a user's device and the internet.

Fog computing is a decentralized computing infrastructure in which data, compute, storage, and applications are located somewhere between the data source and the cloud.

Flow routing in network computing is a technique used for managing how packets travel between nodes in a network.

Flooding is a communication technique where a node sends data packets to every destination in the network (whether or not the destination requires it).

Flexible Single Master Operation is a specialized set of roles in Microsoft Active Directory (AD), where a single domain controller hosts one or more services to prevent conflicts and ensure consistency across the AD environment.

Fieldbus is an industrial network system for real-time distributed control.

Fiber to the Node is a telecommunications infrastructure in which fiber optic cables are used to provide high-speed internet access to customers.

A fiber optic switch is a gadget (a physical device) that transmits signals and data via optic cables and modules.

Fiber Distributed Data Interface (FDDI) is an obsolete collection of ANSI and ISO standards for the high-speed transmission of data using fiber-optic cables.

A Fiber Channel storage area network (FC SAN) is a specialized high-speed network architecture that connects and manages storage devices.

Fault configuration accounting performance security (FCAPS) refers to a model or framework used for network management.

Extranet is part of an organization's private network that can only be accessed by specific outsiders, e.g., contractors, customers, or vendors.

An exit node is a participant in a network that acts as a gateway for traffic to exit the network and enter the public internet.

Evolved Packet Core is the main component of the System Architecture Evolution (SAE) standard for Long-Term Evolution (LTE) networks, providing a framework for converged (as in, using the same circuit or bandwidth) voice and data transfers.

EtherType is a two-octet field in an Ethernet frame that indicates the protocol type of the payload (the data contained within the frame).

Ethernet refers to a widely used wired networking technology that enables devices to communicate with each other over a local area network (LAN).

Ethernet fabric is a network setup that connects network nodes in a way that they act like a single switch.

Error control is a method used in computer networking and telecommunications that detects and corrects data transmitted from the source to the end user.

In networking, an entry node is a point of entry into a specific system.

An enterprise network is an infrastructure that connects an organization's computers, devices, and systems.

Endpoint authentication is a security process that verifies the identity of a device (like a computer or smartphone) before allowing it to access a network.

Egress traffic refers to the data leaving a system or a network.

Egress filtering represents a strategy in network security that diligently oversees and regulates data movement from an internal network to an outside one.

Edge security is the practice of protecting data, applications, and devices at the “edge” of the network rather than at a centralized point like a data center.

An edge network is a decentralized approach to computation.

An edge gateway, also known as an edge device or edge router, is a networking device that serves as a bridge between different networks.

An Edge Datacenter is a smaller, localized computer hub that places computing resources closer to the end-users.

Edge caching is when platforms or websites store digital content closer to users who consume it.

An echo check is a way of testing the integrity of a communication link.

Dynamic ports are a range of temporary ports that the operating system assigns to client-side network connections when an application initiates communication with a server.

A dynamic IP is an IP address provided to a computing device or node when the device or node is connected to a network.

A dual-stack network is a networking environment that supports the simultaneous use of both IPv4 and IPv6 addresses.

Dual-ring topology is a network configuration where each device is connected to two others, creating two concentric circles for information flow.

DSLAM is a network device utilized by ISPs (Internet Service Providers) that combines several digital subscriber lines (DSL) into a single high-speed uplink.

Dotted decimal notation is a human-readable representation of IP addresses in the IPv4 (Internet Protocol version 4) format.

Domain controller is a server that processes authentication requests and validates users' identities on networks.

Diverse routing are backup connections in a network — different available roads for data to travel.

A distributed system is a system with a collection of independent components that are situated on different machines.

A distributed network, also known as a decentralized network or peer-to-peer network, is a type of network architecture where computing resources and data are spread across multiple nodes, usually across various geographical locations, that work together as a single network.

Distorting proxy refers to a type of proxy server that masks the client's IP address by modifying the HTTP headers and presents a fake IP address to the target server.

Distance vector is a routing algorithm used to determine the best path for forwarding data packets between nodes.

A direct connection is a type of internet connection where a device communicates directly with a server or another device without the use of an intermediary, such as a proxy server or VPN.

A digital switch is a piece of hardware that manages the digital signals of a telephone exchange and forwards them to a back-end network.

Digital information is data that represent other forms of data.

Dial-on-demand routing (DDR) is a networking technique that allows a router to establish a connection only when it is required.

A demilitarized zone (DMZ) is a network segment (or zone) that sits between an organization's internal network and the external network, like the internet.

A Delay-tolerant network (DTN) operates effectively in environments with unreliable connectivity, using a “store-and-forward” technique to handle communication disruptions.

Deflection routing is a technique that redirects malicious network traffic from its intended target to another, usually safe and controlled environment.

A default gateway is the piece of hardware that sits between your home network and the rest of the internet.

A default-free zone (DFZ) is a part of the internet where routers do not rely on a default route for forwarding packets.

A dedicated server is a remote server dedicated exclusively to a single user, organization, or application.

A dedicated line is a private internet connection — or a connection that an organization doesn’t share with others.

Decapsulation, also known as unwrapping or de-encapsulation, is a process in network protocols where a device, such as a router or a switch, removes headers or trailers from a data packet to reveal the actual data payload.

A datagram refers to a self-contained, independent unit of data that is transmitted over a network.

Data transmission is the process of sending digital or analog data from one communication device to another.

Data terminal equipment (DTE) is a device responsible for initiating, sustaining, and concluding communication sessions across a network.

A data packet is a small unit of information transmitted over a network, such as the internet, from one device to another.

Data over cable service interface specification (DOCSIS) is a telecommunications standard that allows users to access the internet through cable television networks.

The data link layer is the second layer in the Open System Interconnection (OSI) model.

Data in motion is data that’s moving through any kind of network.

A data diode is a network security device that ensures unidirectional data transfer.

Data communications equipment (DCE) are devices that send and receive digital data in communication systems.

Data center tiers are rankings that showcase the performance of the servers.

A data center proxy is a type of proxy server that masks a user's IP address to provide privacy and security on the internet.

Data center design is the practice of providing the necessary facilities, equipment, power, and staff for a large computing environment.

Regarding cybersecurity, data center architecture refers to a vast array of fields, like layout, design, and preset configuration or the whole infrastructure components inside the data center.

Daisy chain routers is a network setup in which several routers are linked together in a linear arrangement, creating a chain-like structure.

A cyclic redundancy check, abbreviated as CRC, is an error-detecting code commonly used in digital networks and storage devices to detect accidental changes to raw data.

Cyberspace refers to the digital world created by the invention of the Internet.

Cut-through switching is a network switching technique used in Ethernet networks.

A crossover cable is a special type of cable that helps connect two similar devices directly to each other, like two computers or two switches, without needing anything else in between.

A core switch is the primary switch in a network, built to transfer data fast.

Converged infrastructure is a comprehensive approach to data center architecture that combines computing, storage, networking, and sometimes virtualization resources into a single pre-configured IT solution.

A control plane is an element of a network that is responsible for managing networking devices and infrastructure, networking routing and drawing the network topology.

A control network is a network that manages and controls the devices or systems within a larger network.

Context Delivery Architecture is a way to optimize the delivery of digital content to users based on their specific context.

A content delivery network (CDN) is a distributed system of servers across the world that caches internet content near end users.

Connection admission control (also known as CAC) is a network system that decides if new devices (like smartphones, laptops, or printers) can join.

COMSEC is measures and practices taken to protect the confidentiality, integrity, and availability of communications and information transmitted and received by electronic means.

Computer telephony integration (CTI) bridges computer and telephone systems, allowing them to interact and improve communication in businesses or other large enterprises.

Computer network operations is a term the US Department of Defense uses to describe computer network attack, defense, and other exploitation-enabling operations.

Computer network defense is the measure to protect computer systems from spying, disruption, and destruction.

A communications system is a collection of devices, software, and services that enable the transmission and reception of information between two or more parties.

The committed information rate (CIR) refers to the lowest assured data transmission speed provided by a network service provider for a designated connection.

A collision is a situation when two or more data packets try to occupy the same network channel at the same time.

Collision domain refers to a network scenario where one device's data transmission can collide with another's due to them sharing the same network segment.

Co-location is the practice of keeping an organization’s servers and networking equipment in shared third-party premises.

A cluster controller is a component responsible for managing a cluster of nodes.

Clocking, also known as traffic shaping, is a network management technique that regulates network data transfer to ensure a consistent data flow.

A client-server network is a computing model where devices (clients) are connected to a central computer (server).

A client access license is a software license that permits a client to access server software services.

Class of Service is a concept used in fields like computing, telecommunications, and transportation.

Class E IP address is an IP address used for research by individuals responsible for internet networking and IP address development, management, and research.

Class D IP address is an IP address not assigned to individual hosts but rather used for multicasting.

Class C IP addresses fall within the range of 192.0.0.0 to 223.255.255.255 in the IPv4 addressing scheme.

Class-based queuing (CBQ) is a method of handling network traffic by sorting data into different classes, or queues.

Class B IP address is an IP address used for networks that are medium to large in size.

Class A IP address is an IP address used for more extensive networks that have a significant number of hosts.

Cisco IOS, or internetwork operating system, is software that powers Cisco networking devices such as routers and switches.

CIDR is a system that efficiently manages Internet Protocol addresses.

A choke packet is a signal sent back to the data flow source to alleviate potential congestion in the network.

CGNAT is a network address translation (NAT) used by internet service providers to allow multiple users to share a single IP address.

Centralized computing consolidates resources and data into one central system, typically a mainframe or server.

A cellular network, frequently referred to as a mobile network, is a type of communication system that enables wireless communication between mobile devices.

Cell relay is a network technology that transfers fixed-size packets (cells) in networks.

Carrier Ethernet is a technology that allows service providers (e.g., internet or telecommunications companies) to offer high-speed, standardized Ethernet connectivity to businesses and homes.

A captive portal is a web page displayed to newly connected users before they gain broader access to network resources.

A campus area network (CAN) is a computer network that interconnects multiple local area networks (LANs) within a limited geographical area.

A call detail record (CDR) is a file that contains information about a telephone call or other telecommunication event.

A caching server is a dedicated network server or service acting as a storage.

A caching proxy is a type of proxy server that caches (stores) frequently requested web pages, files, or other resources on the server's memory.

A cache server is a dedicated server that stores web content, like websites, images, videos, and web pages, in a local area network.

Cache invalidation is a caching process that includes a computer system declaring cached content as invalid or stale, meaning that the content will be removed or replaced, and it will no longer be displayed upon request.

Bulk data transfer is the process of sending a lot of data from one computer system to another, typically over the internet or other networks.

A broadcast storm is excessive broadcast traffic on a network segment that causes network congestion or slowdowns.

A broadcast domain is a network segment in which, if one device sends a broadcast message, all other devices in that segment will receive it.

A broadcast address refers to a special IP address that is used to send a message or packet to all devices on a network.

A Broadband Remote Access Server connects users to their broadband services.

Broadband over power line (BPL) is a new power line communication method that utilizes electric distribution wiring for high-speed digital data transmission.

Bridge mode is a network configuration where a networking device acts as a pass-through solution rather than as a router.

A bridge connection is a network connection that allows several devices to communicate with each other as if they were on the same physical network, even if they are connected to separate networks.

Bogon filtering is a technique used in computer networking to block bogus (hence “bogon”) IP addresses.

Blackholing is a network security measure where traffic is directed into a ”black hole” and dropped into a network that goes nowhere.

Bit rate refers to the amount of data processed per unit of time, most commonly expressed in bits per second (bps).

Bit error rate (BER) is a way to measure how often errors happen during digital communication or data transmission.

A bastion host is a specialized computer designed and configured to withstand cyberattacks.

Baselining is a technique for assessing computer network performance.

Baseline configuration, or reference configuration, is a set of defined parameters, settings, and functional characteristics of a system, network, or device against which subsequent changes are evaluated and measured.

Bandwidth is the maximum amount of data a network can transfer over a communication channel.

Bandwidth on demand is a networking method that allows users to dynamically allocate network bandwidth.

A bandwidth meter refers to an instrument or application designed to observe and gauge the volume of data transmitted across a network.

Backhaul is the process of transporting data from a remote site or network to a central location, like a data center.

An autonomous system is a collection of IP networks and routers under the control of one entity, typically an internet service provider (ISP), a large business, or an educational institution that presents a standard routing policy to the internet.

An autonomic network is a self-managing network that can configure, optimize, and troubleshoot itself with minimal to no human input.

Automatic private IP addressing (APIPA) refers to a Microsoft Windows feature that allows the computer to communicate with other devices on the same local network (LAN) that have also been assigned APIPA addresses.

Automatic Location Identification is a system used for determining the physical location of a device in real-time.

Auto-negotiation is a feature in computer networks, mainly Ethernet.

Auto attendant refers to a feature in a telephony system that automates the initial stage of a call through an interactive voice response (IVR) system.

An authentication server is what determines whether a person or another server is who or what they say they are.

Asynchronous transmission is a type of data transmission in which data travels one byte or character at a time without using a clock signal to synchronize the timing between the sender and receiver.

Asynchronous Transfer Mode (ATM) is a switching technology used in telecommunications networks for data, voice, and video transfer at high speeds.

ARPANET, or Advanced Research Projects Agency Network, was an early packet-switching network and the first to implement the TCP/IP protocol suite.

ARCnet is a type of network technology used to connect computers and other devices within a local area network (LAN).

An application server is a special kind of server that holds and runs applications.

An application gateway is a type of network device or service that provides a range of security and performance-enhancing features for web applications.

Application delivery is the technologies and practices that ensure applications are available to end users with minimum latency and maximum performance.

An application delivery network (ADN) refers to a suite of technologies that work together to provide high performance, security, and availability for application services over a network.

An application delivery controller (ADC) is a networking component that oversees and enhances the allocation of web-based applications over numerous servers.

An application client is a software component.

An application-centric infrastructure (ACI) represents a class of network architectures where the steering of network operations, efficacy, and defense revolves around discrete applications or services instead of the physical network fabric.

Application awareness is the ability of a system to recognize and classify applications passing through it.

Application-aware networking (AAN) is an approach where the network recognizes and adapts to the requirements of the applications using it.

Application acceleration refers to a suite of techniques and technologies used to optimize the performance of software applications running across a network.

The answer-seizure ratio (ASR) is a key performance metric used in telecommunication networks to evaluate the efficiency of a telephony system.

Anonymizer is a name given to a proxy server that limits the amount of data its user reveals while browsing the internet.

Alternative routing is a technique used in computer networks that establishes additional paths for data to travel between network devices or destinations to make sure data can still flow even if the main path gets blocked or too busy.

Advanced metering infrastructure is a system that enables two-way communication between customers and energy suppliers.

Address space is the range of virtual addresses assigned by the operating system to a user or a program.

Ad hoc on-demand distance vector (AODV) is a routing protocol used in mobile ad hoc networks and wireless mesh networks.

In general terms, ad-hoc mode is a mode where devices connect directly through a wireless connection, meaning there is no extra centralized access point or device, such as a router.

An Access Point Name is a setting used by mobile devices, such as smartphones, tablets, and smartwatches, that allows the device to access the internet.

An access layer allows end users to connect the network.

Accelerated Mobile Pages (AMP) is a web component framework and a website publishing technology developed by Google that aims to provide a user-first format for web content.

A value-added network (VAN) is a specialized system that helps businesses securely exchange electronic data and documents with partners, customers, and suppliers.

Regarding cybersecurity and networking, a 5-tuple can be described as a bundle of five values that identify a specific connection or network session.