•  Base protocol – defines message
                              format, transport, error reporting, and
                              security services.
                          •  Extensions – modules such as Mobile-
                              IP.


               Network User Authentication
               •  LDAP.
               •  NIS – based on IP address to authenticate
                   clients.
               •  NIS+ - hierarchical and secure NIS.
               •  Distributed Computing Environment (DCE).
                       •  Kerberos.
                       •  Uses unique universal identifiers instead
                          of user names.
               •  NTLM.

               Perimeter Security
               •  Bastion host – highly secure system, e.g.,
                   application-level gateway.
               •  Proxy firewalls:
                       •  Circuit level – doesn't require a proxy for
                          each service.  It can require user
                          authentication.  E.g., SOCKS. Session
                          layer.
                       •  Application-level – different proxy for
                          each service.  It can require
                          authentication.  E.g., Content inspection.
                          Application layer.