ASP (Application Service Provider): A company that offers individuals or enterprises access to programs and related services that would otherwise have to be located in their own personal or enterprise computers.

ATM (Asynchronous Transfer Mode): A dedicated-connection switching technology that organizes digital data into 53-byte cell units and transmits them over a physical medium using digital signal technology. Individually, a cell is processed asynchronously relative to other related cells and is queued before being multiplexed over the transmission path.

BACKBONE: A larger transmission line that carries data gathered from smaller lines that interconnect with it. On the Internet or other Wide Area Network (WAN), a backbone is a set of paths that local or regional networks connect to for long-distance interconnection. The connection points are known as network nodes or telecommunications Data Switching Exchanges (DSEs).

BANDWIDTH: Generally speaking, bandwidth is directly proportional to the amount of data transmitted or received per unit time. In a qualitative sense, bandwidth is proportional to the complexity of the data for a given level of system performance. For example, it takes more bandwidth to download a photograph in one second than it takes to download a page of text in one second.

CENTRAL OFFICE: The Central Office or C.O. is the phone company switching center. Every customer is served out of a given C.O. Distance to the C.O. determines availability and speed of DSL to a particular location.

CLEC (Competitive Local Exchange Carrier): A company authorized by state utilities commissions to provision telecommunications services within a given region. These companies compete with the ILEC's or Incumbent Local Exchange Carriers (also knowns as Baby Bells or RBOC's). A Data CLEC is a company such as Covad Communications that delivers data services to its clients.

COLOCATION: The provision of space for a customer's telecommunications equipment on the service provider's premises. For example, a Web site owner could place the site's own computer server on the premises of the Internet Service Provider (ISP), or an ISP could place its network router on the premises of the company offering switching services with other ISPs.

DHCP (Dynamic Host Configuration Protocol): A protocol that lets network administrators manage centrally and automate the assignment of Internet Protocol (IP) addresses in an organization's network. Using the Internet's set of protocols (TCP/IP), each machine that can connect to the Internet needs a unique IP address. When an organization sets up its computer users with a connection to the Internet, an IP address must be assigned to each machine. Without DHCP, the IP address must be entered manually at each computer and, if computers move to another location in another part of the network, a new IP address must be entered. DHCP lets a network administrator supervise and distribute IP addresses from a central point and automatically sends a new IP address when a computer is plugged into a different place in the network.

DSL (DIGITAL SUBSCRIBER LINE): A technology for bringing high-bandwidth data to homes and small businesses over ordinary copper telephone lines. xDSL refers to different variations of DSL, such as ADSL, IDSL, and SADSL. Assuming your home or small business is close enough to a telephone company central office that offers DSL service, you may be able to receive data at rates up to 6.1 megabits (millions of bits) per second (of a theoretical 8.448 megabits per second), enabling continuous transmission of motion video, audio, and even 3-D effects. More typically, individual connections will provide from 1.544 Mbps to 512 Kbps downstream and about 128 Kbps upstream. A DSL line can carry both data and voice signals and the data part of the line is continuously connected.

DSL CARRIER: A telephone or other company that sells or rents telecommunications transmission services. A Local Exchange Carrier (LEC) is a local phone company and an Inter-Exchange Carrier (IEC or IXC) carries long-distance calls.

FIREWALL: A set of related programs, located at a network gateway server, that protects the resources of a private network from users of other networks. A firewall, working closely with a router program, filters all network packets to determine whether to forward them toward their destination. A firewall also includes or works with a proxy server that makes network requests on behalf of workstation users. A firewall is often installed in a specially designated computer separate from the rest of the network so that no incoming request can get directly at private network resources. One firewall screening method involves screening requests to make sure they come from acceptable (previously identified) domain names and IP addresses. Firewall features include logging and reporting, automatic alarms at given thresholds of attack, and a graphical user interface for controlling the firewall.

HOSTED APPLICATIONS: see ASP.

FRAME-RELAY: Frame relay is a telecommunication service designed for cost-efficient data transmission for intermittent traffic between Local Area Networks (LANs) and between end-points in a Wide Area Network (WAN). Frame relay puts data in a variable-size unit called a frame and leaves any necessary error correction (retransmission of data) up to the end-points, which speeds up overall data transmission.

INTRUSION DETECTION: By monitoring the firewalls and other gateway routers that sit between an enterprise's internal network and the Internet, the service of intrusion detection can detect and respond to, in real time, attempts to hack into the enterprise network.

ISP (Internet Service Provider): A vendor who provides access to the Internet and usually value added services such as web hosting, firewalls, colo etc.

ISDN (Integrated Services Digital Network): A set of CCITT/ITU standards for digital transmission over ordinary telephone copper wire as well as over other media. Home and business users who install ISDN adapters (in place of their modems) can see highly-graphic Web pages arriving faster than a 56k modem (up to 128 Kbps).
MANAGED SECURITY: Centralized management of the routers, firewalls and other gateway servers of an enterprise. May include intrusion detection and other services, all conducted from a service provider's remotely located network operations center.

NAT (Network Address Translation): The translation of an Internet Protocol address (IP address) used within one network to a different IP address known within another network. One network is designated the inside network and the other is the outside. Typically, a company maps its local inside network addresses to one or more global outside IP addresses and unmaps the global IP addresses on incoming packets back into local IP addresses. This helps ensure security since each outgoing or incoming request must go through a translation process that also offers the opportunity to qualify or authenticate the request or match it to a previous request. NAT also conserves on the number of global IP addresses that a company needs and it lets the company use a single IP address in its communication with the world.

PACKET FILTERING FIREWALL: A firewall that inspects each incoming packet and employs given rulesets that determine whether the packet may pass through to its destination or be blocked by the firewall.

POP (POINT-OF-PRESENCE): The location of an access point to the Internet. A POP necessarily has a unique Internet (IP) address. Your Internet Service Provider (ISP) has a point-of-presence on the Internet. POP's are sometimes used as one measure of the size and growth of an ISP. A POP may actually reside in rented space owned by a telecommunications carrier such as ATT. A POP usually includes routers, digital/analog call aggregators, servers, and frequently frame relay or ATM switches.

REAL PRIVATE NETWORKS: As opposed to VPN's which use encryption to secure data transmision, data traversing a real private network need not rely on encryption alone for its security since the network is truly private. From any end point to any other end point on the network, dedicated circuits used by a single enterprise ensure that no data traverses a public network such as the Internet.

SMTP (SIMPLE MAIL TRANSFER PROTOCOL) GATEWAY: A TCP/IP protocol used in sending and receiving e-mail. Users typically use a program that uses SMTP for sending e-mail and either POP3 or IMAP for receiving messages that have been received for them at their local server.

T1, T3: The T-carrier system, introduced by the Bell System in the U.S. in the 1960s, was the first successful system that supported digitized voice transmission. The original transmission rate (1.544 Mbps) in the T1 line is in common use today in ISP connections to the Internet. Another level, the T3 line, providing 44.736 Mbps, is also commonly used by ISPs. Another commonly installed service is a fractional T1 line, which is the rental of some portion of the 24 channels in a T1 line, with the other channels going unused.

URL FILTERING: The ability to restrict and manage the capability of end-users to reach a predefined, and often regularly updated, set of web sites. Used by parents to protect children and by corporations to limit unproductive use of the web.

VPN (VIRTUAL PRIVATE NETWORK): A private data network that makes use of the public telecommunications infrastructure, maintaining privacy through the use of a tunneling protocol and security procedures. A virtual private network can be contrasted with a system of owned or leased lines that can only be used by one company. The idea of the VPN is to give the company the same capabilities at much lower cost by using the shared public infrastructure rather than a private one. Phone companies have provided secure shared resources for voice messages. A virtual private network makes it possible to have the same secure sharing of public resources for data. Companies today are looking at using a private virtual network for both extranets and wide-area intranets. Using a virtual private network involves encrypting data before sending it through the public network and decrypting it at the receiving end. An additional level of security involves encrypting not only the data but also the originating and receiving network addresses.

WAN (WIDE-AREA NETWORK): A geographically dispersed telecommunications network. The term usually connotes the inclusion of public (shared user) networks. An intermediate form of network in terms of geography is a Metropolitan Area Network (MAN).