A glossary of essential networking terms with links to in-depth articles.
To find a brief definition of the networking term you are looking for user your browser’s “Find” feature then follow links to a fuller explanation.
AI networking
AI networking refers to the application of artificial intelligence (AI) technologies to network management and optimization. It involves using AI algorithms and machine learning techniques to analyze network data, identify patterns and make intelligent decisions to improve network performance, security and efficiency.
5G
5G is fast cellular wireless technology for enterprise IoT, IIoT, and phones that can boost wireless throughput by a factor of 10.
Private 5G
Private 5G: a dedicated mobile network built and operated within a private environment, such as a business campus, factory or stadium. Unlike public 5G networks, which are shared by multiple users, private 5G networks are exclusively used by a single organization or entity. While private 5G offers significant advantages, it requires specialized expertise and investment to build and manage.
Network slicing
Network slicing can make efficient use of carriers’ wireless capacity to enable 5G virtual networks that exactly fit customer needs.
Open RAN (O-RAN)
O-RAN is a wireless-industry initiative for designing and building 5G radio access networks using software-defined technology and general-purpose, vendor-neutral hardware.
Beamforming
Beamforming is a technique that focuses a wireless signal towards a specific receiving device rather than have the signal spread in all directions as with a broadcast antenna. The resulting connection is faster and more reliable than it would be without beamforming.
Data Center
Data centers are physical facilities that enterprises use to house business-critical applications and information and which are evolving from centralized, on-premises facilities to edge deployments and public-cloud services.
Power usage effectiveness (PUE)
Power usage effectiveness (PUE) is metric that measures the energy efficiency of a data center.
Data center automation
Data center automation is the process of using technology to automate routine data center tasks and workflows. By leveraging software and automation tools, data center operators can streamline operations, reduce human error, improve efficiency and enhance overall performance. Areas where data center automation is often deployed include provisioning, monitoring, network orchestration and maintenance. Benefits of data center automation to benefits such as increased efficiency, reduced costs, improved reliability, enhanced scalability and improved security. Data center automation can be implemented using scripting languages (e.g., Python, PowerShell), automation platforms (e.g., Ansible, Puppet, Chef), and cloud-based management tools.
Data center sustainability
Data center sustainability is the practice of designing, building and operating data centers in a way that minimizes their environmental by reducing energy consumption, water usage and waste generation, while also promoting sustainable practices such as renewable energy and efficient resource management.
Hyperconverged infrastructure (HCI)
Hyperconverged infrastructure combines compute, storage and networking in a single system and is used frequently in data centers. Enterprises can choose an appliance from a single vendor or install hardware-agnostic hyperconvergence software on white-box servers.
Firewall
Network firewalls were created as the primary perimeter defense for most organizations, but since its creation the technology has spawned many iterations: proxy, stateful, Web app, next-generation.
Next-generation firewall (NGFW)
Next-generation firewalls defend network perimeters and include features to inspect traffic at a fine level including intrusion prevention systems, deep-packet inspection, and SSL inspection all integrated into a single system.
Infiniband
Infiniband is a highly specialized technology, Infiniband’s performance and scalability make it a valuable tool for organizations that require the highest levels of network performance. The high-performance interconnect technology designed to provide low-latency, high-bandwidth communication between servers, storage devices, and other high-performance computing (HPC) components. It’s particularly well-suited for applications that require rapid data transfer, such as scientific computing, financial modeling and video rendering. Infiniband is commonly used for HPC clusters, data centers, supercomputers and scientific research.
Ethernet
Ethernet is one of the original networking technologies and was invented 50 years ago. Despite its age, the communications protocol can be deployed and incorporate modern advancements without losing backwards compatibility, Ethernet continues to reign as the de facto standard for computer networking. As artificial intelligence (AI) workloads increase, network industry giants are teaming up to ensure Ethernet networks can keep pace and satisfy AI’s high performance networking requirements. At its core, Ethernet is a protocol that allows computers (from servers to laptops) to talk to each other over wired networks that use devices like routers, switches and hubs to direct traffic. Ethernet works seamlessly with wireless protocols, too.
Internet
The internet is a global network of computers using internet protocol (IP) to communicate globally via switches and routers deployed in a cooperative network designed to direct traffic efficiently and to provide resiliency should some part of the internet fail.
Internet backbone
Tier 1 internet service providers (ISP) mesh their high-speed fiber-optic networks together to create the internet backbone, which moves traffic efficiently among geographic regions.
IP address
An IP address is a unique set of numbers or combination of letters and numbers that are assigned to each device on an IP network to make it possible for switches and routers to deliver packets to the correct destinations.
PaaS, NaaS, IaaS and IDaaS
Platform as a service (PaaS): In PaaS, a cloud provider delivers a platform for developers to build, run and manage applications. It includes the operating system, programming languages, database and other development tools. This allows developers to focus on building applications without worrying about the underlying infrastructure.
Network as a service (NaaS): NaaS is a cloud-based service that provides network infrastructure, such as routers, switches and firewalls, as a service. This allows organizations to access and manage their network resources through a cloud-based platform.
Infrastructure as a service (IaaS): IaaS provides the building blocks of cloud computing — servers, storage and networking. This gives users the most control over their cloud environment, but it also requires them to manage the operating system, applications, and other components.
Identity as a service (IDaaS): providers maintain cloud-based user profiles that authenticate users and enable access to resources or applications based on security policies, user groups, and individual privileges. The ability to integrate with various directory services (Active Directory, LDAP, etc.) and provide single sign-on across business-oriented SaaS applications is essential.
IPv6
IPv6 is the latest version of internet protocol that expands the number of possible IP addresses from the 4.3 billion possible with IPv4 to 340 trillion trillion in order to accommodate unique addresses for every device likely to be attached to the public internet.
Internet of things (IoT)
The internet of things (IoT) is a network of connected smart devices providing rich operational data to enterprises. It is a catch-all term for the growing number of electronics that aren’t traditional computing devices, but are connected to the internet to to gather data, receive instructions or both.
Industrial internet of things (IIoT)
The industrial internet of things (IIoT) connects machines and devices in industries. It is the application of instrumentation and connected sensors and other devices to machinery and vehicles in the transport, energy and manufacturing sectors.
Industry 4.0
Industry 4.0 blends technologies to create custom industrial solutions that make better use of resources. It connects the supply chain and the ERP system directly to the production line to form integrated, automated, and potentially autonomous manufacturing processes that make better use of capital, raw materials, and human resources.
IoT standards and protocols
There’s an often-impenetrable alphabet soup of protocols, standards and technologies around the Internet of Things, and this is a guide to essential IoT terms.
Narrowband IoT (NB-IoT)
NB-IoT is a communication standard designed for IoT devices to operate via carrier networks, either within an existing GSM bandwidth used by some cellular services, in an unused “guard band” between LTE channels, or independently.
IP
Internet protocol (IP) is the set of rules governing the format of data sent over IP networks.
DHCP
DHCP stands for dynamic host-configuration protocol, an IP-network protocol used for a server to automatically assign networked devices with IP addresses on the fly and and share other information to those devices so they can communicate efficiently with other endpoints.
DNS
The Domain Name System (DNS) resolves the common names of Web sites with their underlying IP addresses, adding efficiency and even security in the process.
IPv6
IPv6 is the latest version of internet protocol that identifies devices across the internet so they can be located but also can handle packets more efficiently, improve performance and increase security.
IP address
An IP address is a number or combination of letters and numbers used to label devices connected to a network on which the Internet Protocol is used as the medium for communication. IP addresses give devices on IP networks their own identities so they can find each other.
Network management
Network management is the process of administering and managing computer networks.
Intent-based networking
Intent-based networking (IBNS) is network management that gives network administrators the ability to define what they want the network to do in plain language, and having a network-management platform automatically configure devices on the network to create the desired state and enforce policies.
Microsegmentation
Microsegmentation is a way to create secure zones in networks, in data centers, and cloud deployments by segregating sections so only designated users and applications can gain access to each segment.
Software-defined networking (SDN)
Software-defined networking (SDN) is an approach to network management that enables dynamic, programmatically efficient network configuration in order to improve network performance and monitoring. It operates by separating the network control plane from the data plane, enabling network-wide changes without manually reconfiguring each device.
Network security
Network security consists of the policies, processes, and practices adopted to prevent, detect, and monitor unauthorized access, misuse, modification, or denial of service on a computer network and network-accessible resources.
Identity-based networking
Identity-based networking ties a user’s identity to the networked services that user can receive.
Microsegmentation
Microsegmentation is a way to create secure zones in networks, in data centers, and cloud deployments by segregating sections so only designated users and applications can gain access to each segment.
Network access control (NAC)
Network Access Control is an approach to computer security that attempts to unify endpoint-security technology, user or system authentication, and network security enforcement.
SASE
Secure access service edge (SASE) is a network architecture that rolls software-defined wide area networking (SD-WAN) and security into a cloud service that promises simplified WAN deployment, improved efficiency and security, and to provide appropriate bandwidth per application. SASE, a term coined by Gartner in 2019, offers a comprehensive solution for securing and optimizing network access in today’s hybrid work environment. Its core elements include the following:
Secure web gateway (SWG): Filters and inspects web traffic, blocking malicious content and preventing unauthorized access to websites.
Cloud access security broker (CASB): Enforces security policies and controls for cloud applications, protecting data and preventing unauthorized access.
Zero trust network access (ZTNA): Grants access to applications based on user identity and device posture, rather than relying on network location.
Firewall-as-a-service (FWaaS): Provides a cloud-based firewall that protects networks from threats and unauthorized access.
Unified management: A centralized platform for managing and monitoring both network and security components.
Automation: Automated workflows and policies to simplify operations and improve efficiency.
Analytics: Advanced analytics to provide insights into network and security performance.
Multivendor SASE
Refers to a SASE platform that is provided by multiple vendors. This means you’d source that different components of the SASE platform, such as the secure web gateway (SWG), cloud access security broker (CASB), and zero-trust network access (ZTNA) from different vendors. This allows you to choose the best-of-breed solutions for each component of the platform. By using multivendor SASE platform, you avoid being tied to a single vendor and reduce the risk of vendor lock-in. On the negative side, managing multiple vendors is time-consuming than managing a single-vendor solution. Also, issues among vendors can impact the performance, efficiency and reliability of the SASE solution.
Single-vendor SASE
Single-vendor SASE refers to a solution that is provided by a single vendor. This means that all of the components of the SASE platform, such as the secure web gateway (SWG), cloud access security broker (CASB), and zero-trust network access (ZTNA) are delivered by a single vendor. Advantages of single-vendor SASE include simplified management, smoother integration and enhanced support. Disadvantages include vendor lock-in, more limited capabilities compared to multivendor platforms, and higher costs for large organizations.
Network switch
A network switch is a device that operates at the Data Link layer of the OSI model — Layer 2. It takes in packets being sent by devices that are connected to its physical ports and sends them out again, but only through the ports that lead to the devices the packets are intended to reach. They can also operate at the network layer — Layer 3 where routing occurs.
Open systems interconnection (OSI) reference model
Open Systems Interconnection (OSI) reference model is a framework for structuring messages transmitted between any two entities in a network.
Power over Ethernet (PoE)
PoE is the delivery of electrical power to networked devices over the same data cabling that connects them to the LAN. This simplifies the devices themselves by eliminating the need for an electric plug and power converter, and makes it unnecessary to have separate AC electric wiring and sockets installed near each device.
Routers
A router is a networking device that forwards data packets between computer networks. Routers operate at Layer 3 of the OSI model and perform traffic-directing functions between subnets within organizations and on the internet.
Border-gateway protocol (BGP)
Border Gateway Protocol is a standardized protocol designed to exchange routing and reachability information among the large, autonomous systems on the internet.
UDP port
UDP (User Datagram Protocol) is a communications protocol primarily used for establishing low-latency and loss-tolerant connections between applications on the internet. It speeds up transmissions by enabling the transfer of data before the receiving device agrees to the connection.
Storage networking
Storage networking is the process of interconnecting external storage resources over a network to all connected computers/nodes.
Network attached storage (NAS)
Network-attached storage (NAS) is a category of file-level storage that’s connected to a network and enables data access and file sharing across a heterogeneous client and server environment.
Non-volatile memory express (NVMe)
A communications protocol developed specifically for all-flash storage, NVMe enables faster performance and greater density compared to legacy protocols. It’s geared for enterprise workloads that require top performance, such as real-time data analytics, online trading platforms, and other latency-sensitive workloads.
Storage-area network (SAN)
A storage-area network (SAN) is a dedicated, high-speed network that provides access to block-level storage. SANs were adopted to improve application availability and performance by segregating storage traffic from the rest of the LAN.
Virtualization
Virtualization is the creation of a virtual version of something, including virtual computer hardware platforms, storage devices, and computer network resources. This includes virtual servers that can co-exist on the same hardware, but behave separately.
Hypervisor
A hypervisor is software that separates a computer’s operating system and applications from the underlying physical hardware, allowing the hardware to be shared among multipe virtual machines.
Network virtualizaton
Network virtualization is the combination of network hardware and software resources with network functionality into a single, software-based administrative entity known as a virtual network. Network virtualization involves platform virtualization, often combined with resource virtualization.
Network function virtualization (NFV)
Network functions virtualization (NFV) uses commodity server hardware to replace specialized network appliances for more flexible, efficient, and scalable services.
Application-delivery controller (ADC)
An application delivery controller (ADC) is a network component that manages and optimizes how client machines connect to web and enterprise application servers. In general, a ADC is a hardware device or a software program that can manage and direct the flow of data to applications.
Virtual machine (VM)
A virtual machine (VM) is software that runs programs or applications without being tied to a physical machine. In a VM instance, one or more guest machines can run on a physical host computer.
VPN (virtual private network)
A virtual private network can create secure remote-access and site-to-site connections inexpensively, are a stepping stone to software-defined WANs, and are proving useful in IoT.
Split tunneling
Split tunneling is a device configuration that ensures that only traffic destined for corporate resources go through the organization’s internet VPN, with the rest of the traffic going outside the VPN, directly to other sites on the internet.
WAN
A WAN or wide-area network, is a network that uses various links—private lines, Multiprotocol Label Switching (MPLS), virtual private networks (VPNs), wireless (cellular), the Internet — to connect organizations’ geographically distributed sites. In an enterprise, a WAN could connect branch offices and individual remote workers with headquarters or the data center.
Data deduplication
Data deduplication, or dedupe, is the identification and elimination of duplicate blocks within a dataset, reducing the amount of traffic that must go on WAN connections. Deduplication can find redundant blocks of data within files from different directories, different data types, even different servers in different locations.
MPLS
Multi-protocol label switching (MPLS) is a packet protocol that ensures reliable connections for real-time applications, but it’s expensive, leading many enterprises to consider SD-WAN as a means to limit its use.
SASE
Secure access service edge (SASE) is a network architecture that rolls software-defined wide area networking (SD-WAN) and security into a cloud service that promises simplified WAN deployment, improved efficiency and security, and to provide appropriate bandwidth per application. SASE, a term coined by Gartner in 2019, offers a comprehensive solution for securing and optimizing network access in today’s hybrid work environment. Its core elements include the following:
Secure web gateway (SWG): Filters and inspects web traffic, blocking malicious content and preventing unauthorized access to websites.
Cloud access security broker (CASB): Enforces security policies and controls for cloud applications, protecting data and preventing unauthorized access.
Zero trust network access (ZTNA): Grants access to applications based on user identity and device posture, rather than relying on network location.
Firewall-as-a-service (FWaaS): Provides a cloud-based firewall that protects networks from threats and unauthorized access.
Unified management: A centralized platform for managing and monitoring both network and security components.
Automation: Automated workflows and policies to simplify operations and improve efficiency.
Analytics: Advanced analytics to provide insights into network and security performance.
SD-WAN
Software-defined wide-area networks (SD-WAN) is sofware that can manage and enforce the routing of WAN traffic to the appropriate wide-area connection based on policies that can take into consideration factors including cost, link performance, time of day, and application needs based on policies. Like its bigger technology brother, software-defined networking, SD-WAN decouples the control plane from the data plane.
VPN
Virtual private networks (VPNs) can create secure remote-access and site-to-site connections inexpensively, can be an option in SD-WANs, and are proving useful in IoT.
Wi-Fi
Wi-Fi refers to the wireless LAN technologies that utilize the IEEE 802.11 standards for communications. Wi-Fi products use radio waves to transmit data to and from devices with Wi-Fi software clients to access points that route the data to the connected wired network..
802.11ad
802.11ad is an amendment to the IEEE 802.11 wireless networking standard, developed to provide a multiple gigabit wireless system standard at 60 GHz frequency, and is a networking standard for WiGig networks.
802.11ay
802.11ay is a proposed enhancement to the current (2021) technical standards for Wi-Fi. It is the follow-up to IEEE 802.11ad, quadrupling the bandwidth and adding MIMO up to 8 streams. It will be the second WiGig standard.
802.11ax (Wi-Fi 6)
802.11ax, officially marketed by the Wi-Fi Alliance as Wi-Fi 6 and Wi-Fi 6E, is an IEEE standard for wireless local-area networks and the successor of 802.11ac. It is also known as High Efficiency Wi-Fi, for the overall improvements to Wi-Fi 6 clients under dense environments.
Wi-Fi 6E
Wi-Fi 6E is an extension of Wi-Fi 6 unlicensed wireless technology operating in the 6GHz band, and it provides lower latency and faster data rates than Wi-Fi 6. The spectrum also has a shorter range and supports more channels than bands that were already dedicated to Wi-Fi, making it suitable for deployment in high-density areas like stadiums.
Beamforming
Beamforming is a technique that focuses a wireless signal towards a specific receiving device, rather than having the signal spread in all directions from a broadcast antenna, as it normally would. The resulting more direct connection is faster and more reliable than it would be without beamforming.
Controllerless Wi-Fi
It’s no longer necessary for enterprises to install dedicated Wi-Fi controllers in their data centers because that function can be distributed among access points or moved to the cloud, but it’s not for everybody.
MU-MIMO
MU-MIMO stands for multi-user, multiple input, multiple output, and is wireless technology supported by routers and endpoint devices. MU-MIMO is the next evolution from single-user MIMO (SU-MIMO), which is generally referred to as MIMO. MIMO technology was created to help increase the number of simultaneous users a singel access point can support, which was initially achieved by increasing the number of antennas on a wireless router.
OFDMA
Orthogonal frequency-division multiple-access (OFDMA) provides Wi-Fi 6 with high throughput and more network efficiency by letting multiple clients connect to a single access point simultaneously.
Wi-Fi 6 (802.11ax)
802.11ax, officially marketed by the Wi-Fi Alliance as Wi-Fi 6 and Wi-Fi 6E, is an IEEE standard for wireless local-area networks and the successor of 802.11ac. It is also known as High Efficiency Wi-Fi, for the overall improvements to Wi-Fi 6 clients under dense environments.
Wi-Fi standards and speeds
Ever-improving Wi-Fi standards make for denser, faster Wi-Fi networks.
WPA3
The WPA3 Wi-Fi security standard tackles WPA2 shortcomings to better secure personal, enterprise, and IoT wireless networks.