Acronyms

Note

This page is supplementary material for the NIST SP 1800-35 publication.

List of Acronyms

AAA	Authentication, Authorization, and Accounting
ACL	Access Control List
AD	Active Directory
AD FS	Active Directory Federation Services
AG	(Okta) Access Gateway
AI	Artificial Intelligence
AMI	Amazon Machine Image
AP	Access Point
API	Application Programming Interface
APM	(F5 BIG-IP) Access Policy Manager
APNs	Apple Push Notification service
ATP	(Microsoft Azure) Advanced Threat Protection, (Palo Alto Networks) Advanced Threat Prevention
AURL	(Palo Alto Networks) Advanced URL Filtering
AWS	Amazon Web Services
BCE	(Google) BeyondCorp Enterprise
BYOD	Bring Your Own Device
C&C	Command-and-Control
CA	Certificate Authority, (Zscaler) Central Authority
CASB	Cloud Access Security Broker
CCECG	(Palo Alto Networks) Common Criteria Evaluated Configuration Guide
CDM	Continuous Diagnostics and Mitigation
CDSS	(Palo Alto Networks) Cloud-Delivered Security Services
CEF	Common Event Format
CESA	Cisco Endpoint Security Analytics
CI/CD	Continuous Integration/Continuous Delivery
CIE	(Palo Alto Networks) Cloud Identity Engine
CIEM	Cloud Infrastructure Entitlement Management
CLI	Command Line Interface
CP4S	(IBM) Cloud Pak for Security
CRADA	Cooperative Research and Development Agreement
CSE	Cisco Secure Endpoint
CSF	Cybersecurity Framework
CSW	Cisco Secure Workload
CVE	Common Vulnerabilities and Exposures
DDoS	Distributed Denial of Service
DHCP	Dynamic Host Configuration Protocol
DISA	Defense Information Systems Agency
DLP	Data Loss Prevention
DMZ	Demilitarized Zone
DN	Domain Name
DNS	Domain Name System
DTLS	Datagram Transport Layer Security
E1B1	Enterprise 1 Build 1
E1B2	Enterprise 1 Build 2
E1B3	Enterprise 1 Build 3
E1B4	Enterprise 1 Build 4
E1B5	Enterprise 1 Build 5
E1B6	Enterprise 1 Build 6
E2B1	Enterprise 2 Build 1
E2B3	Enterprise 2 Build 3
E2B4	Enterprise 2 Build 4
E2B5	Enterprise 2 Build 5
E3B1	Enterprise 3 Build 1
E3B2	Enterprise 3 Build 2
E3B3	Enterprise 3 Build 3
E3B4	Enterprise 3 Build 4
E3B5	Enterprise 3 Build 5
E4B3	Enterprise 4 Build 3
E4B4	Enterprise 4 Build 4
EBS	(Amazon) Elastic Block Store
EC2	(Amazon) Elastic Compute Cloud
ECS	(Amazon) Elastic Container Service
EDR	Endpoint Detection and Response
EIG	Enhanced Identity Governance
EKS	(Amazon) Elastic Kubernetes Service
EMM	Enterprise Mobility Management
EO	Executive Order
ePO	(Trellix) ePolicy Orchestrator
EPP	Endpoint Protection Platform
ETA	(Cisco) Encrypted Traffic Analytics
E/W	East/West
FedRAMP	Federal Risk and Authorization Management Program
FIDO U2F	Fast Identity Online Universal 2nd Factor
FIPS	Federal Information Processing Standards
FQDN	Fully Qualified Domain Name
FTD	(Cisco) Firepower Threat Defense
FTUE	First-Time User-Experience
FWaaS	Firewall as a Service
GA	General Availability
GCP	Google Cloud Platform
GDE	(IBM Security) Guardium Data Encryption
GIN	(Symantec) Global Intelligence Network
GP	(Palo Alto Networks) GlobalProtect
GPO	Group Policy Object
HDAP	High-Availability Directory Access Protocol
HIP	Host Information Profile
HR	Human Resources
HTTP	Hypertext Transfer Protocol
HTTPS	Hypertext Transfer Protocol Secure
IaaS	Infrastructure as a Service
IaC	Infrastructure as Code
IAM	(AWS) Identity and Access Management
IAP	Identity-Aware Proxy
IBM	International Business Machines Corporation
ICA	Intermediate Certificate Authority
ICAM	Identity, Credential, and Access Management
IDaaS	Identity as a Service
IdP	Identity Provider
IGA	(Symantec) Identity Governance and Administration
IIS	Internet Information Services
IL4	(Department of Defense) Impact Level 4
IoMT	Internet of Medical Things
IoT	Internet of Things
IN UEM	Ivanti Neurons for Unified Endpoint Management
IoT	Internet of Things
IP	Internet Protocol
IPsec	Internet Protocol Security
IPv4	Internet Protocol version 4
IPv6	Internet Protocol version 6
IR	Internal Report
ISE	(Cisco) Identity Services Engine
IT	Information Technology
ITL	Information Technology Lab
ITOps	Information Technology Operations
JDBC	Java Database Connectivity
KCD	Kerberos Constrained Delegation
LDAP	Lightweight Directory Access Protocol
LDAPS	Lightweight Directory Access Protocol Secure
LTM	(F5 BIG-IP) Local Traffic Manager
MAM	Mobile Application Management
MDM	Mobile Device Management
MES	(Lookout) Mobile Endpoint Security
MFA	Multifactor Authentication
ML	Machine Learning
MSV	Mandiant Security Validation
MTD	Mobile Threat Defense
mTLS	Mutual Transport Layer Security
MU SPN	Mobile User Security Processing Node
NCCoE	National Cybersecurity Center of Excellence
NDR	Network Detection and Response
NGAV	Next-Generation Antivirus
NGFW	Next-Generation Firewall
NIST	National Institute of Standards and Technology
NNM	(Tenable) Nessus Network Monitor
NPE	Non-Person Entity
NPS	Network Policy Server
N/S	North/South
NSG	Network Security Group
NTA	Network Traffic Analysis
NTP	Network Time Protocol
NVM	(Cisco) Network Visibility Module
OAuth	Open Authorization
OIDC	OpenID Connect
OMB	Office of Management and Budget
OS	Operating System
OT	Operational Technology
OU	Organizational Unit
OTP	One-Time Password
OVA	Okta Verify App, Open Virtual Appliance
PA	Policy Administrator
PaaS	Platform as a Service
PAN	Palo Alto Networks
PAW	(Intune) Privilege Access Workstations
PDCe	Primary Domain Controller Emulator
PDP	Policy Decision Point
PE	Policy Engine
PEP	Policy Enforcement Point
PII	Personally Identifiable Information
PIP	Policy Information Point
PKI	Public Key Infrastructure
QoS	Quality of Service
QR	Quick Response
RADIUS	Remote Authentication Dial-In User Service
R&D	Research and Development
RDBMS	Relational Database Management System
RDP	Remote Desktop Protocol
RDS	Remote Desktop Server
REST	Representational State Transfer
RN SPN	Remote Network Security Processing Node
S3	(Amazon) Simple Storage Service
SaaS	Software as a Service
SAML	Security Assertion Markup Language
SASE	Secure Access Service Edge
SAW	(Microsoft) Secure Admin Workstation
SCC	SCAP Compliance Checker
SC SPN	Service Connection Security Processing Node
SCIM	System for Cross-Domain Identity Management
SDLC	Software Development Lifecycle
SDP	Software-Defined Perimeter
SD-WAN	Software-Defined Wide Area Network
SFTP	SSH File Transfer Protocol
SIEM	Security Information and Event Management
SMB	Server Message Block
SMS	Short Message Service
SMTP	Simple Mail Transfer Protocol
SNA	(Cisco) Secure Network Analytics
SOAR	Security Orchestration, Automation, and Response
SoD	Separation of Duties
SP	Special Publication
SPA	Single Packet Authentication
SQL	Structured Query Language
SRE	Site Reliability Engineer
SSE	(Skyhigh Security) Security Service Edge
SSH	Secure Shell
SSL	Secure Sockets Layer
SSO	Single Sign-On
SSPR	Single Sign-On Password Reset
STIG	Security Technical Implementation Guide
SWG	Secure Web Gateway
TCP	Transmission Control Protocol
TGW	Transit Gateway
TLS	Transport Layer Security
TOTP	Time-Based One-Time Pad
TTP	Tactics, Techniques, and Procedures
UAC	User Account Control
UAG	(VMware) Unified Access Gateway
UDP	User Datagram Protocol
UEM	Unified Endpoint Management
UI	User Interface
URL	Uniform Resource Locator
USB	Universal Serial Bus
VDI	Virtual Desktop Infrastructure
VDS	(VMware) vSphere Distributed Switch
VIP	(Symantec) Validation and ID Protection
VLAN	Virtual Local Area Network
VM	Virtual Machine
VNET	Virtual Network
VPC	Virtual Private Cloud
VPN	Virtual Private Network
vSAN	Virtual Storage Area Network
VSI	Virtual Server Instance
WAF	Web Application Firewall
WAN	Wide Area Network
WF	(Palo Alto Networks) Wildfire
WSS	(Symantec) Web Security Service
WSUS	(Microsoft) Windows Server Update Service
XDR	Extended Detection and Response
XSS	Cross-Site Scripting
ZCC	Zscaler Client Connector
ZIA	Zscaler Internet Access
ZPA	Zscaler Private Access
ZSO	(Ivanti) Zero Sign-On
ZTA	Zero Trust Architecture
ZTNA	Zero Trust Network Access