Network Architecture & Segmentation
A
Air-Gap
An air-gap physically isolates a computer or network from external connections, providing maximum protection against remote cyberattacks for highly sensitive systems.Anycast
Anycast is a routing method where the same IP address is advertised from multiple locations, automatically directing users to the nearest or healthiest server for improved resilience and performance.ARP
ARP (Address Resolution Protocol) maps IP addresses to MAC addresses on local networks, enabling devices to communicate by translating logical addresses into physical hardware addresses.
C
Capacity Planning
Capacity planning forecasts compute, storage, and network resources to balance performance needs against cost constraints, preventing both shortages and wasteful over-provisioning.Certificate/PKI
Certificate/PKI is the framework of digital certificates and Public Key Infrastructure that verifies identities and enables encrypted, trusted communication across networks.Client VPN
A Client VPN is a user-initiated encrypted tunnel connecting individual devices to private networks, enabling secure remote access to organizational resources from any location.Containers (Docker/K8s)
Containers package applications with their dependencies into isolated, portable units. Docker creates containers while Kubernetes orchestrates them at scale across distributed environments.Core/Access Switch
A two-tier network architecture dividing switches into core and access layers, simplifying campus networks by eliminating the distribution tier while maintaining performance.
D
Data at Rest Encryption
Data at Rest Encryption protects stored video footage by cryptographically securing disks and volumes, preventing unauthorized access if storage media is stolen or compromised.Data Classification
Data classification categorizes information by sensitivity and value to apply appropriate security controls, access restrictions, and retention policies across an organization's data assets.Data in Transit Encryption
Data in transit encryption protects information as it moves between devices, servers, and networks by converting it into unreadable code that only authorized recipients can decrypt.DLP
DLP (Data Loss Prevention) comprises tools and strategies that detect and block unauthorized transmission of sensitive data across endpoints, networks, and cloud environments.DNS
DNS (Domain Name System) translates human-readable domain names into IP addresses, enabling browsers to locate and connect to websites across the internet.
E
EDR/XDR
EDR/XDR refers to Endpoint Detection and Response and Extended Detection and Response tools that monitor, detect, and respond to security threats across endpoints and broader IT environments.Ethernet
Ethernet is the wired networking standard that connects IP cameras, servers, and security devices within local area networks, providing reliable high-speed data transmission.Extender (PoE)
A PoE extender is a device that extends Power over Ethernet and data transmission beyond the standard 100-meter cable limit, enabling connectivity to remote cameras and access points.
F
Firewall
A firewall is a network security system that monitors and controls traffic between networks based on security rules, using techniques like stateful inspection to block unauthorized access.
CH