Glossary¶
- AAPM
- AAPM (Application to Application Password Manager) module enables secure password exchange between applications.
- account
- accounts
- defines the privileged account existing on the monitored server. It specifies the actual login credentials, user authentication mode: anonymous (without user authentication), regular (with login credentials substitution) or forward (with login and password forwarding); password changing policy as well as the password changer itself.
- Active Directory
- Users authorization and authentication in Windows domain.
- AD
- Active Directory - users authorization and authentication in Windows domain.
- anonymous safe
- An anonymous safe has at least one anonymous account assigned to it and it can only have that type of accounts assigned. You cannot assign users to anonymous safes.
- ARP
- Address Resolution Protocol - protocol used for mapping Internet layer addresses (IP addresses) to the physical - link layer addresses (MAC addresses).
- CERB
- Complete user authentication and authorization solution, supporting different authentication methods i.e., mobile token (mobile phone application), static password, SMS one-time passwords, etc.
- CIDR
- Short notation of network addressing, in which the IP address is written according to the IPv4 standard, and the subnet mask is provided as a number of 1 in the subnet mask in binary system (192.168.1.1 - 255.255.255.0; 192.168.1.1/24).
- data retention
- Data retention mechanism automatically deletes session data after define time period transpires.
- DHCP
- Mechanism for dynamic IP addressing management i LAN networks.
- DNS
- Domain Name Server - name server service which maps IP addresses to hosts names which are easier to remember.
- DUO
- is a mobile application that works with Duo Security’s two-factor authentication service. The application generates passcodes for login and can receive push notifications for authentication.
- Efficiency Analyzer
- Efficiency Analyzer module delivers statistical information on users’ activity.
- external authentication server
- Server storing user data used for verification of user login credentials when connecting to Fudo PAM or the monitored server.
- Fingerprint
- Characters string being a result of a hash function on input data, allowing to determine if the input data has been altered.
- fudopv
- AAPM module script, installed on the server, which enables secure password exchange between applications.
- heartbeat
- Network packet used for informing other cluster nodes about machine’s current state. If a cluster node does not receive a heartbeat packet in a given timeframe, it will take over the master node role and will start processing users’ requests.
- hot-swap
- Hot-swap mechanism enables replacing hardware components without the necessity to turn the system off.
- LDAP
- Lightweight Directory Access Protocol - distributed catalog services management and access protocol in IP networks.
- listener
- |listener_def|
- OATH
- Open Authentication - open standard enabling implementation of strong, two-factor user and devices authentication.
- OCR
- Optical Character Recognition - image processing for identifying and indexing text.
- password changer
- Tool which enables facilitating automated password changing on a server.
- passwords repository
- Passwords repository manages password to privileged accounts on monitored hosts.
- policy
- Mechanism which enables defining patterns which in case of being detected will trigger defined actions.
- PSM (Privileged Session Management)
- PSM module is used for recording remote access sessions.
- PSM
- PSM (Privileged Session Monitoring) module enables monitoring and recording remote access sessions.
- Public key
- Authentication method which uses a pair of keys - private (held only by the user) and public (publicly available) to determine user’s identity.
- RADIUS
- Remote Authentication Dial In User Service - networking protocol used to control access to different services within IT infrastructure.
- RDP
- Remote Desktop Protocol - remote access protocol to computer systems running Microsoft operating system.
- RDP connections broker
- Remote sessions management mechanism for server farms.
- redundancy group
- Defined group of IP addresses, which in case of a system failure, will be seamlessly carried over to another cluster node to maintain the availability of the services.
- safe
- |safe_def|
- server
- servers
- |server_def|
- User session which was joined by another user.
- SMS
- is a text messaging service component of most telephone, and mobile device systems.
- SSH
- Secure Shell - networking protocol for secure communication with remote systems.
- SSH access
- Service access to Fudo PAM over SSH protocol.
- Static password
- Basic user authorization method which uses login and password combination to determine users’s identity.
- Syslog
- Events logging standard in computer systems. Syslog server collects and stores log data from networked devices, which can be later used for analysis and reporting.
- time policy
- Time policy mechanism enables defining time periods during which users are allowed to connect to monitored hosts.
- timestamp
- Session data hash value, which enables verifying that the data has not been modified.
- user
- |user_def|
- VLAN
- Virtual networks mechanism, enabling separation of broadcast domains.
- VNC
- Remote access protocol to graphical user interfaces.
- WWN
- World Wide Name - unique object identifier in external storage solutions.