Go to main content

Securing the Network in Oracle® Solaris 11.4

Exit Print View

Updated: January 2019
 
 

Network Security Glossary

These glossary entries cover words that are complex, or can be ambiguous because they are used differently in different parts of the operating system, or have different meanings in Oracle Solaris from other operating systems.

IP address

IP addresses that are used in Oracle Solaris documentation conform to RFC5737 IPv4 Address Blocks Reserved for Documentation, RFC 5737 and IPv6 Address Prefix Reserved for Documentation, RFC 3849.

IPv4 addresses used in this documentation are blocks 192.0.2.0/24, 198.51.100.0/24, and 203.0.113.0/24. IPv6 addresses have prefix 2001:DB8::/32. To show a subnet, the block is divided into multiple subnets by borrowing enough bits from the host to create the required subnet. For example, host address 192.0.2.0 might have subnets 192.0.2.32/27 and 192.0.2.64/27.

label

1. An IKEv2 rule's keyword whose value must match the value of the label keyword in a preshared key file when the value of Sauth_method is preshared.

2. A keyword used when creating an IKEv2 certificate. This value is convenient for locating all parts of the certificate (private key, public key, and public key certificate) in the keystore.

3. A mandatory access control (MAC) indication of the level of sensitivity of an object or process. Confidential and Top Secret are sample labels. Labeled network transmissions contain MAC labels.

4. An IKEv1 rule's keyword whose value is used to get the rule.

subnet

A logical subdivision of an IP network that connects systems with subnet numbers and IP address schemas, including their respective netmasks. See also IP address.

trust anchor

An alternative name for the root certificate from a certificate authority. The certificates from the root certificate to the end certificate establish a chain of trust.

tunnel

The path that is followed by a network packet while it is encapsulated.

In IPsec, a configured tunnel is a point-to-point interface. The tunnel enables one IP packet to be encapsulated within another IP packet.