Terminology – HP Identity Driven Manager Software Series User Manual
Page 14
1-8
About ProCurve Identity Driven Manager
Terminology
Terminology
Access Policy
Group
An IDM access policy group consists of one or more rules that govern the login
times, devices, quality of service, bandwidth, and VLANs for users assigned to
the access policy group.
Access Profile
An IDM access profile sets the VLAN, quality of service, and bandwidth (rate-
limits) applied when a user logs in and is authenticated on the network.
Authentication
The process of proving the user’s identity. In networks this involves the use
of usernames and passwords, network cards (smartcards, token cards, etc.),
and a device’s MAC address to determine who and/or what the "user" is.
Authentication
Server
Authentication servers are responsible for granting or denying access to the
network. Also referred to as RADIUS servers because most current authenti-
cation servers implement the RADIUS protocol.
Authorization
The process that determines what an authenticated user can do. It establishes
what network resources the user is, or is not permitted to use.
Bandwidth
Amount of network resources available. Generally used to define the amount
of network resources a specific user can consume at any given time. Also
referred to as rate-limiting.
Client
An end-node device such as a management station, workstation, or mobile PC
attempting to access the network. Clients are linked to the switch through a
point-to-point LAN link, either wired or wireless.
Directory Name
Directory Name (DN) is an identifier that uniquely represents an object in the
X.500 Directory Information Tree (DIT) [X501]. (See: domain name.) A DN is
a set of attribute values that identify the path leading from the base of the DIT
to the object that is named. An X.509 public-key certificate or CRL contains a
DN that identifies its issuer, and an X.509 attribute certificate contains a DN
or other form of name that identifies its subject.
Domain
A domain is a group of computers and devices on a network that are admin-
istered as a unit with common rules and procedures. Within the internet,
domains are defined by the IP Address. All devices sharing a common part of
the IP address are said to be in the same domain.
Edge Device
A network device (switch or wireless access point) that connects the user to
the rest of the network. The edge devices can be engaged in the process of
granting user access and assigning a user’s access rights and restrictions.