Microsoft Internet Security and
Acceleration Server 2000
control entry (ACE)
An entry in an access control list (ACL).
The entry contains a security identifier (SID) and a set of access
rights. A process with a matching SID is either allowed or denied
control list (ACL)
A level of Windows® 2000 permission that can be set on a file
or a directory allowing specified users access within an NTFS
directory. An access control entry (ACE) is an entry in the
A set of protocol rules and site and content rules that
determines the behavior of an enterprise or array. In the case of
an array, access policy also includes packet filters.
A mechanism used to automatically initiate new requests to
update cached file objects without user intervention. Requests can
be activated based on the length of time an object has been cached
or was last retrieved from the object's source location. This type
of caching can be used to ensure the freshness of specified data
within the cache. See also passive caching,
This feature alerts administrators about suspicious network
events, such as rejected packets, protocol violations, and a full
hard disk. Alerting is enabled when IP packet filtering is turned
on and is recorded in the IP packet filtering logs. Event messages
can also be sent to a user account by using an SMTP e-mail
An IP packet filter that allows access between specified IP
addresses at the specified ports and using the specified
This feature allows a user remote access to a computer on the
Internet without supplying a user name or password but provides
only the guest permissions assigned to that account. Commonly used
in FTP requests. See also IUSR_computername.
Application programming interface, a set of routines used by an
application to direct the performance of procedures by a computer's
A firewall extension that registers for and processes events
related to connection with another network. Application filters are
typically designed to enhance the security provided by a firewall
by excluding or modifying data that approaches the network.
Computer software intended to maintain security on a secluded
network yet allow certain traffic to go between the private network
and the outside world. See also firewall.
Attached Resource Computer Network, a type of local area
A group of ISA server computers used to provide distributed
caching, load balancing, and fault tolerance. Arrays allow client
requests to be distributed among several ISA server computers,
which increases response time for clients. Arrays allow a group of
ISA server computers to be treated and managed as a single, logical
entity. Array communications are peer-to-peer, not hierarchical,
one-way communication between upstream and downstream ISA server
An ISA server computer that is part of an array.
A list of ISA server computers within an array. Each ISA server
computer manages its own table.
Asynchronous input/output (asynchronous I/O) allows some I/O
functions to return immediately, even though an I/O request is
still pending. Asynchronous I/O enables an application to continue
with other processing and wait for the I/O to be completed at a
later time. Asynchronous I/O is also called overlapped I/O.