The Forefront TMG extension of the Windows network address translation (NAT) feature. SecureNAT provides a degree of address transparency for networked clients. NAT substitutes a global IP address, valid on the Internet, for an internal IP address. Forefront TMG enhances the underlying Windows NAT functionality by enabling access control for FTP, Windows NetMeeting for H.323, and T.120 protocols. It also enables rerouting HTTP requests, which can then frequently be satisfied by a local cache. This enhancement greatly improves HTTP performance and lowers bandwidth requirements.
A protocol that supplies secure data communication through data encryption and decryption. SSL enables communications privacy over networks.
See secure network address translation (SecureNAT).
A unique string value of variable length that identifies a user, group, or computer account. Every Windows account on a network is issued a unique SID when the account is first created. Generic users and generic groups are identified by well-known SIDs.
A digital certificate (SSL certificate) installed on a server and used by the server to authenticate itself to a client.
In application filters, a COM object that implements an IFWXSessionFilter interface. A session filter object is created by an application filter for a specific session (client computer) when the Microsoft Firewall service raises a network event for which the application filter is registered.
See security identifier (SID).
An Internet standard protocol used for exchanging e-mail messages between SMTP servers on the Internet.
See Simple Mail Transfer Protocol (SMTP).
Software that makes up the smallest unit of console extension. One snap-in represents one unit of management behavior (for example, the event log viewer is a functional unit of management and thus a good candidate to become a snap-in). Snap-ins are COM in-process servers that are implemented as dynamic-link libraries (DLLs).
An endpoint of a logical communications channel used by TCP/IP applications. Sockets are defined in data structures by using a combination of device IP addresses and reserved TCP/UDP port numbers to indicate connection and delivery service information. See also Windows Sockets (Winsock).
A protocol for traversing firewalls in a secure and controlled manner, made available to the public by the Internet Engineering Task Force (IETF).
See full proxy mode.
The practice of making a transmission appear to come from an authorized user. For example, in DNS spoofing, the DNS name of another system is assumed either by corrupting a name-service cache or by compromising a domain-name server for a valid domain.
See Structured Query Language (SQL).
A server that uses the Structured Query Language (SQL) to query, update, and manage a relational database.
See Secure Sockets Layer (SSL).
See digital certificate.
A database query and programming language widely used for accessing data in, querying, updating, and managing relational database systems. See also SQL server.
A TCP/IP configuration parameter that extracts network and host configuration data from an IP address. This 32-bit value enables the recipient of IP packets to distinguish the network ID portion (domain name) of the IP address from the host ID (host name).
Build date: 11/30/2009
© 2008 Microsoft Corporation. All rights reserved.