Skip to main content
Back to Splashtop
Foxpass
Log inFree Trial
Contact UsLog inFree Trial

Foxpass Glossary

Explore the essential terms and technologies behind secure network access, certificate-based authentication, and modern identity and access management.

  • A
  • B
  • C
  • D
  • E
  • F
  • G
  • H
  • I
  • J
  • K
  • L
  • M
  • N
  • O
  • P
  • Q
  • R
  • S
  • T
  • U
  • V
  • W
  • X
  • Y
  • Z

  • A

    • Active Directory (AD)

      A legacy directory service developed by Microsoft for managing users, devices, and access within Windows-based networks. Active Directory authenticates users and enforces group policies through on-premises domain controllers. While still widely used, it relies on local infrastructure and manual management. Foxpass Cloud LDAP provides a modern alternative to Active Directory, delivering the same centralized identity and access management (without local servers) and syncing directly with cloud IdPs like Microsoft Entra ID, Google Workspace, Okta, and OneLogin to unify authentication across systems and networks.

  • B

    • BYOD (Bring Your Own Device)

      A policy or practice that allows users to access corporate networks and resources using their personal devices. BYOD increases flexibility but requires secure authentication to maintain compliance. Foxpass supports BYOD environments through its BYOD certificate installer, enabling passwordless, certificate-based Wi-Fi and VPN access for unmanaged devices.

  • C

    • Certificate Authority (CA)

      A trusted entity that issues and signs digital certificates to verify the identity of users or devices. The CA ensures certificates are valid and traceable to a trusted root. Foxpass Cloud PKI acts as a private CA, giving organizations full control over certificate lifecycles and trust policies.

    • Client Certificate

      A digital certificate installed on a user’s device that proves the device or user’s identity during network authentication. Client certificates replace traditional passwords in EAP-TLS and other secure authentication methods. Foxpass issues client certificates through its Cloud PKI and BYOD enrollment tools.

  • D

    • Device Certificate

      A digital certificate bound to a specific endpoint or machine, allowing the device itself — not just the user — to authenticate securely to a network or service. Foxpass integrates with MDM platforms to issue and manage device certificates automatically for managed endpoints.

  • E

    • EAP (Extensible Authentication Protocol)

      A flexible authentication framework used in network access systems such as Wi-Fi and VPNs. EAP supports multiple authentication methods, including passwords, tokens, and digital certificates, by encapsulating them within a standardized process. Foxpass Cloud RADIUS supports EAP-based methods like EAP-TLS and EAP-TTLS to enable secure, identity- and certificate-based authentication for all device types.

    • EAP-TLS (Extensible Authentication Protocol – Transport Layer Security)

      A highly secure authentication method that uses digital certificates instead of passwords to verify both the user and the network. Foxpass Cloud RADIUS supports EAP-TLS to deliver passwordless, certificate-based authentication for managed and BYOD devices.

    • EAP-TTLS (Extensible Authentication Protocol – Tunneled Transport Layer Security)

      An authentication method that creates a secure, encrypted tunnel between the client and the RADIUS server. Inside that tunnel, user credentials are verified without exposing them on the network. Foxpass Cloud RADIUS supports EAP-TTLS to enable secure, identity-based authentication when certificates aren’t deployed.

    • eduroam (Education Roaming)

      A global Wi-Fi federation service that enables students, researchers, and staff to securely access wireless networks across participating institutions using their home credentials. eduroam relies on RADIUS-based authentication with EAP-TLS or EAP-TTLS to verify user identities across organizations. Foxpass Cloud RADIUS supports eduroam deployments with a cloud-native, zero-maintenance architecture that meets federation requirements and integrates seamlessly with institutional identity providers and LDAP directories.

  • F

    • FreeRADIUS

      An open-source RADIUS server widely used for network authentication, authorization, and accounting. FreeRADIUS supports multiple authentication protocols, including EAP-TLS and EAP-TTLS, and is commonly deployed in enterprise and education environments. Foxpass Cloud RADIUS builds on the same RADIUS standards as FreeRADIUS but delivers them as a fully managed, cloud-native service — eliminating server maintenance and simplifying integration with modern identity providers.

  • I

    • IEEE 802.1X Wi-Fi Authentication

      A network access control standard that uses the Extensible Authentication Protocol (EAP) to authenticate users and devices before granting network access. It forms the basis for secure enterprise Wi-Fi®. Foxpass Cloud RADIUS enables 802.1X authentication with identity- and certificate-based access, integrating seamlessly with your organization’s cloud IdP and device management tools.

    • Identity Provider (IdP)

      A service that stores and verifies digital identities, authenticating users before granting access to connected applications and systems. Common cloud IdPs include Microsoft Entra ID (Azure AD), Google Workspace, Okta, and OneLogin. Foxpass integrates with your organization’s IdP to sync user and group data for centralized access control.

    • Identity and Access Management (IAM)

      A framework of policies and technologies that ensures the right individuals have the appropriate access to systems and resources. IAM centralizes identity verification and access control across users, devices, and applications. Foxpass provides IAM capabilities through cloud-hosted LDAP, RADIUS, and certificate-based authentication integrated with your organization’s IdP.

  • L

    • LDAP (Lightweight Directory Access Protocol)

      A standard protocol used to store, organize, and retrieve user and group information from a directory. LDAP forms the backbone of centralized identity management — supporting logins for systems like VPNs, servers, and legacy applications. Foxpass Cloud LDAP provides a fully managed, cloud-hosted LDAP service synced with your organization’s cloud IdP for seamless and unified identity and access management.

    • LDAP Search

      An LDAP operation that queries a directory to locate and read user or group entries based on defined criteria. It can return full or partial results depending on the filter and scope of the search. With Foxpass Cloud LDAP, directory searches stay current through continuous sync with your cloud IdP, ensuring identity data is always accurate and up to date.

    • LDAP Server

      The server component that hosts and manages the LDAP directory database. It handles requests from clients, performs lookups or updates, and returns directory information. Foxpass Cloud LDAP eliminates the need to host or maintain your own LDAP server by offering a fully managed, cloud-native directory automatically synced with your cloud IdP.

    • Least Privilege

      A security principle that limits each user or system process to the minimum level of access required to perform its tasks. Applying least privilege reduces the risk of accidental or malicious misuse of credentials. Foxpass enforces least-privilege access through identity-based policies, role-based permissions, and granular access controls across RADIUS, LDAP, and SSH key management.

  • M

    • MDM (Mobile Device Management)

      A platform that enables IT teams to configure, secure, and manage mobile and endpoint devices. MDM systems often handle certificate deployment, policy enforcement, and remote wipe. Foxpass integrates with leading MDM solutions like Intune, Jamf, and Kandji to automate certificate issuance and renewal for managed devices.

    • Microsoft Entra ID (formerly Azure Active Directory)

      Microsoft’s cloud-based identity and access management service that authenticates users and secures access to applications, devices, and cloud resources. Entra ID replaces many traditional Active Directory functions with a scalable, cloud-native architecture. However, many legacy systems don’t natively support modern cloud IdP authentication or require costly upgrades to support SAML or OAuth. Foxpass integrates with Microsoft Entra ID to sync users and groups for centralized authentication through Cloud LDAP and Cloud RADIUS — extending Entra identities to Wi-Fi, VPN, and server logins without changing existing systems.

    • Microsoft NPS (Network Policy Server)

      A Windows Server role that acts as a RADIUS server for authenticating and authorizing users connecting to a network. NPS integrates with on-premises Active Directory to enforce network access policies. Foxpass Cloud RADIUS replaces or extends Microsoft NPS with a cloud-native, zero-maintenance alternative that integrates directly with modern identity providers. Paired with Foxpass Cloud LDAP, it enables organizations to retire legacy Active Directory while maintaining centralized, identity-based network authentication.

  • N

    • Network Access Control (NAC)

      A security framework that manages and enforces policies for devices and users attempting to access a network. NAC verifies identity and device compliance before granting access. Foxpass Cloud RADIUS acts as a key component of a NAC strategy by enforcing identity- and certificate-based network authentication.

    • Network Segmentation

      The practice of dividing a network into smaller, isolated segments to improve security, performance, and access control. Segmentation limits the spread of threats and enforces least-privilege access to sensitive systems. Foxpass Cloud RADIUS integrates with VLAN policies to automate network segmentation based on user roles, device identity, or authentication method.

  • O

    • OpenRoaming

      A global Wi-Fi federation framework that allows users to connect securely and automatically to participating wireless networks without manual logins. OpenRoaming uses federated identity, RADIUS, and certificate-based authentication to ensure trusted connectivity across venues and providers. Foxpass Cloud RADIUS supports OpenRoaming integration, enabling organizations to extend secure, identity-based Wi-Fi access across campuses and partner networks with a cloud-native, zero-maintenance architecture.

  • P

    • PKI (Public Key Infrastructure)

      A framework that issues, manages, and validates digital certificates used to authenticate users, devices, and systems. PKI enables secure, passwordless authentication through public and private key pairs. Foxpass Cloud PKI automates certificate issuance, renewal, and revocation for both managed and BYOD devices.

    • PSK (Pre-Shared Key)

      A shared password or passphrase used to authenticate users or devices to a wireless network, commonly found in home and small-office Wi-Fi setups. While simple to deploy, PSKs create security risks because the same key is shared across multiple users and devices. Foxpass Cloud RADIUS replaces PSK-based authentication with secure, identity- and certificate-based access — eliminating shared passwords and enabling centralized control through your organization’s cloud IdP.

    • Privileged Access Management (PAM)

      A subset of IAM focused on securing and monitoring access to critical systems and administrative accounts. PAM controls who can perform sensitive actions, such as configuration changes or root-level commands. Foxpass SSH Key Management and SUDO Management features help enforce PAM principles by controlling key access and command privileges.

    • Privileged Identity Management (PIM)

      A specialized component of PAM that manages and audits identities with elevated or time-limited administrative permissions. PIM ensures that privileged credentials are issued, used, and revoked securely. Foxpass integrates identity-based controls and logging to support PIM practices in engineering and IT environments.

  • R

    • RADIUS (Remote Authentication Dial-In User Service)

      A networking protocol that provides centralized authentication, authorization, and accounting for users connecting to a network. Foxpass Cloud RADIUS enables secure, identity- and certificate-based Wi-Fi and VPN access without the need to maintain on-prem servers.

    • RADIUS Attributes

      Data fields included in RADIUS messages that define parameters for authentication, authorization, and accounting. Attributes specify details such as user identity, access policies, VLAN assignment, and session timeouts. Foxpass Cloud RADIUS supports standard and custom RADIUS attributes, enabling administrators to enforce granular access policies, automate VLAN placement, and integrate with third-party network infrastructure for identity-driven access control.

    • RADIUS Client

      A network device, such as a Wi-Fi access point, switch, or VPN gateway, that forwards user authentication requests to a RADIUS server. The client relays credentials or certificates for verification and enforces the access decision returned by the server. With Foxpass Cloud RADIUS, your existing network devices act as RADIUS clients, securely authenticating users through your connected cloud IdP or directory.

    • RADIUS Federation

      A network of interconnected RADIUS servers that enables authentication across multiple organizations or domains. In a RADIUS federation, a user can access a participating network using credentials issued by their home institution. Foxpass Cloud RADIUS supports RADIUS federation models like eduroam and OpenRoaming, providing secure, scalable authentication between trusted networks without the need for on-premises RADIUS servers.

    • RADIUS Proxy

      A RADIUS component that forwards authentication requests between a client and an external RADIUS server. RADIUS proxies are commonly used in federated environments to route requests to the correct organization’s identity source. Foxpass Cloud RADIUS can function as a RADIUS proxy, securely relaying requests to institutional or partner servers while maintaining centralized visibility and control.

    • RADIUS Server

      The backend component that authenticates, authorizes, and logs user access requests to a network. It validates credentials or certificates against a connected identity source before granting access. Foxpass Cloud RADIUS replaces traditional on-prem RADIUS servers with a cloud-native service that integrates seamlessly with your organization’s cloud IdP and directory systems.

    • RadSec (RADIUS over TLS)

      A secure extension of the RADIUS protocol that transmits authentication and accounting data over encrypted TLS connections instead of UDP. This protects credentials in transit and is commonly used in federated networks like eduroam. Foxpass Cloud RADIUS supports RadSec to deliver encrypted, standards-compliant connectivity for cross-organization authentication.

    • Role-Based Access Control (RBAC)

      A method of restricting access based on user roles within an organization. Permissions are grouped by role, simplifying management and ensuring least-privilege access. Foxpass uses LDAP group memberships and IdP attributes to enforce role-based access across network and system logins.

  • S

    • SCEP (Simple Certificate Enrollment Protocol)

      A protocol used to automate certificate enrollment, distribution, and renewal between devices and a certificate authority (CA). Foxpass integrates with MDM platforms using SCEP to simplify certificate lifecycle management across enrolled devices.

    • SSH (Secure Shell)

      A secure network protocol used to remotely access and manage servers, devices, and network infrastructure. SSH encrypts all communications between the client and server, protecting credentials and data in transit. Foxpass integrates SSH access with identity and key management, allowing organizations to enforce centralized control, automate key rotation, and maintain auditable access logs.

    • SSH Key

      A cryptographic key pair used to securely authenticate users when connecting to servers via the Secure Shell (SSH) protocol. SSH keys replace traditional passwords and enable strong, asymmetric authentication. Foxpass SSH Key Management automates key creation, rotation, and revocation, ensuring engineers and administrators maintain secure, auditable server access aligned with least-privilege and zero-trust principles.

    • SSH Key Rotation

      The practice of periodically replacing SSH key pairs to reduce the risk of unauthorized access from compromised or outdated credentials. Regular key rotation is a core security control for maintaining least-privilege access and compliance readiness. Foxpass SSH Key Management automates key rotation, ensuring that all users and systems stay secure without manual intervention or service disruption.

    • SUDO Management

      The administration of user permissions for executing privileged commands on UNIX, Linux, or macOS systems using the sudo command. Effective SUDO management ensures that elevated access is granted only when necessary and actions are logged for accountability. Foxpass SUDO Management centralizes and enforces sudo policies through LDAP groups and user roles, supporting least-privilege principles and simplifying compliance audits.

  • V

    • VLAN (Virtual Local Area Network)

      A logical segmentation of a physical network that isolates traffic between user groups, departments, or device types. VLANs enhance security and performance by limiting access and broadcast domains. Foxpass Cloud RADIUS supports VLAN assignment, allowing administrators to dynamically place users or devices into the correct network segment based on identity or group membership.

    • VPN (Virtual Private Network)

      A secure network connection that encrypts traffic between a user’s device and a private network, protecting data in transit. VPNs are often used for remote access to internal systems. Foxpass Cloud RADIUS enables identity- and certificate-based VPN authentication, while Foxpass Cloud LDAP centralizes user and group data for fine-grained access control and VLAN authorization — helping organizations modernize IAM and enforce zero-trust policies across both Wi-Fi and VPN connections.

  • W

    • WPA2-Enterprise

      A Wi-Fi security standard that uses 802.1X authentication and a RADIUS server to verify each user or device individually, rather than relying on a shared password. WPA2-Enterprise supports secure methods like EAP-TLS for certificate-based authentication and EAP-TTLS for credential-based authentication within an encrypted tunnel. Foxpass Cloud RADIUS enables WPA2-Enterprise deployments with seamless integration to cloud identity providers and automated certificate management for both managed and BYOD devices.

    • WPA3-Enterprise

      The latest Wi-Fi security standard designed to enhance the protections of WPA2-Enterprise with stronger encryption, improved key management, and resistance to offline attacks. WPA3-Enterprise requires 802.1X authentication with a RADIUS server and supports advanced methods such as EAP-TLS for certificate-based authentication. Foxpass Cloud RADIUS supports WPA3-Enterprise environments, delivering identity-driven, zero-trust Wi-Fi access integrated with modern cloud identity providers and automated certificate lifecycle management.

  • Z

    • Zero Trust

      A security model that assumes no user or device should be trusted by default, whether inside or outside the network. Access is granted only after continuous verification of identity, device, and context. Foxpass enables zero-trust access through certificate-based authentication, identity-driven policies, and granular logging.

  • Compliance
  • Privacy Policy
  • Terms of Use
Copyright © 2025 Splashtop Inc. All rights reserved. All $ prices shown in USD.