Web Performance and Security Glossary

A - Z



Adaptive Streaming
Today, online users are watching video at any time, in any circumstance, and on any device. Regardless of the situation, their expectation is that videos are streamed without interruption and in the best resolution possible. Adaptive Streaming automatically adjusts the quality of streaming video based on the speed of a user’s internet connection. Adaptive Streaming measures a user’s bandwidth in real time and modifies the video stream to provide the best possible video quality given the user’s conditions. During Adaptive Streaming a video is broken into different bitrates to accommodate bandwidth connections. Each bitrate version is broken into fragments lasting 2 to 10 seconds. A video player serving content to a user will pull these video fragments and add them into the video stream.


ADN (Application Delivery Network) 
An Application Delivery Network (ADN) is a network infrastructure optimized for more efficient application and dynamic content delivery across the web. ADNs enable application requests and responses to by pass inefficiencies of standard internet protocols for faster and more reliable delivery. A more direct and reliable path of delivery drastically reduces load time and enhances application performance.


Application Monitoring 
Application Monitoring is a background process that monitors the performance of an application. An application monitoring software program provides several types of metrics to help an administrator evaluate the performance or isolate any issues of a network application.


Application Performance 
Application performance monitors the availability and efficiency of software applications. It measures both the resources used by the application and the experience of the end-user by taking into account the time needed for the application to load and the volume of transactions going through the system.


A cache is a record of static content hosted on a server. It is like a digital file folder of site elements. If something can be cached, it can be stored in a digital file folder, retrieved, and then presented as a part of a website each time a user makes a request to load a page.


Cache Hit Ratio 
The Buffer Cache Hit Ratio is a percentage of times that pages are served up or “hit” from the cache as opposed to “missing” and having to go through the disk (server). The greater the cache hit ratio, the quicker a web page can be expected to load and perform.


CDN (Content Delivery Network) 
A Content Delivery Network, also known as a CDN, is an interconnected network of servers placed around the globe for faster web content delivery. Entire websites, or parts of it, can be cached (duplicated) on each of the servers that are located closer to the end user. Reducing the distance between the end user and sever, reduces the time that is required to deliver data across the web. The process greatly reduces load time and enhances reliability.


Cloud Security 
Cloud Security encompasses technologies and policies designed to adhere to regulatory compliance rules and protect information, data applications and infrastructure associated with cloud computing use. Cloud Security  solutions can include DDoS mitigation to stop website attacks and WAF protection for applications.


The China Internet Network Information Center, or CNNIC, is the primary government agency in China responsible for affairs relating to the Internet. Specifically, the CNNIC governs domain name registry, IP address allocation, network catalog databases, technical Internet and international policy/liaison research, Internet statistics and surveying as well as malware production and distribution. The CNNIC also serves as Secretariat of the Internet Policy and Resource Committee, Internet Society of China (ISC), and Secretariat of the Anti-Phishing Alliance of China (APAC).


Cross Site Scripting (CSS / XSS)
Cross-site scripting (CSS or XSS) is a type of computer security vulnerability typically found in Web applications. Cross-site scripting enables attackers to inject client-side script into Web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy.


Data Packet 
A Data Packet is an information request that travels from a server through a network to get to an end user, and back again. When a user clicks a link to load a page, for instance, (s)he sends a data packet request for the necessary elements to load.


DDoS (Distributed Denial of Service)
DDoS, or Distributed Denial of Service, is a type of attack in which a hacker tries to overload a website by flooding its server with site traffic in order to make it crash. In a DDoS attack, many systems that control a site and server become compromised and are often infected with a Trojan virus. The virus then targets a single system and overloads it with traffic coming from thousands of different sources at once. The overloaded system cannot keep up with the traffic, which causes the system to fail. Once one cog in the wheel malfunctions, the site crashes.


DNS (Domain Name System) 
A DNS, or Domain Name System, is an internet system that translates domain name URLs (like cdnetworks.com) into Internet Protocol (IP) addresses, or a number identifying the location of a site, from where it is from, and where it is going. A DNS is essentially a type of GPS used to navigate the map of the Internet.


DNS lookup 
DNS Lookup is the process by which a DNS record connects to the corresponding IP address. When a user types in cdnetworks.com, the domain is “looked up” and translated into its corresponding IP address that servers, networks, and computers use to perform the user’s desired function, which in this example is to serve up cdnetworks.com.


Dynamic Content
Dynamic Content cannot be cached, or stored in PoPs, because it is unique to a given user and session. For example, e-commerce shopping carts, employee benefits documents, stock quotes, and even a user’s Twitter feed constitute dynamic, changing content.


Dynamic Web Acceleration
Dynamic Web Acceleration (DWA) speeds up the delivery of dynamic web content to users around the world. Dynamic content, generated in real-time by user behavior or applications (e.g. games, online trading, cloud applications) cannot be cached at a nearby server and must be delivered directly from the origin server. DWA enables dynamic content to bypass the inefficiencies of standard internet protocols for faster responses from the origin server.


Edge Network
An Edge Network is a PoP (Point of Presence) with the closest distance geographically to the end user. A user’s edge network is responsible for providing content cached from the origin server and can load much more quickly since information has fewer miles to travel.


Fake account generation
Fake account generation is an offensive spamming technique used to create accounts or user profiles on a website or web application with non-real data for the purpose to gain access to a web site or web service. Fake account generators are capable to create seemingly valid but nonexistent data e.g. names, emails, social security data, credit card information, blood type.


Front End Optimization 
Front End Optimization (FEO) is the process by which the front end, or user-facing, part of a website is optimized with best practices to ensure efficient load times, good general site performance, and a positive user experience.


Form spamming
Form spamming is an offensive website or web application based spamming technique to flood online-based forms (e.g. sign up form or booking information) with false data by purpose built internet robots.


Great Firewall
The Great Firewall monitors, tracks and censors Internet content. Websites outside of the Great Firewall load 50% slower than if they were loading from a server inside the Firewall. The Great Firewall is formally known as the Golden Shield Project, was a project initiated by China’s Ministry of Public Security in 1998 to provide censorship and surveillance of the Internet in China. The project began operating in 2003, and since then, the Great Firewall has controlled what internet users within Mainland China can and cannot access, based on what the government deems appropriate.


HTTP Parsing 
HTTP Parsing is the automated process by which HTTP response requests are decoded and transmitted to properly load and display a web page.


HTTP request
HTTP stands for Hypertext Transfer Protocol. An HTTP Request happens when a user’s browser “fetches” a file from a server to display information on a web page.


“ICP stands for “Internet Content Provider”. The ICP license is required in order for a website to be hosted within Mainland China. The Chinese Ministry of Industry and Information Technology (MIIT) governs this license. If properly licensed, websites are required to display the ICP license number at the bottom. An ICP license number looks something like this: 京ICP证131173号. “


IP Address
An Internet Protocol Address, or IP Address, is a sequence of four numbers separated by dots (i.e. It is unique to a given network, computer, or other device connected to the Internet. IP Addresses enable devices to communicate using the rules, or protocols, of the many networks that make up the entire Internet. IP Addresses can either be static and unchanging, or dynamic and temporary, and are controlled by ISPs.


ISP (Internet Service Provider) 
An ISP, or Internet Service Provider, is a company that provides access to the Internet in exchange for a fee.


A LAN (Local Area Network) is a network of workstations in a small geographical area. They are often utilized within companies or universities to allow users to share and access information and services controlled by the LAN provider. For instance, a university may use a LAN to give students and faculty access to its digital library, but prevent other users from accessing this resource.


Latency is the time it takes for a data packet to get from the server to the end user, or between two points on the internet. Latency increases as the distance between the server and the end user increases. The greater the latency, the longer it takes the site to load.


Load Balancing 
Load Balancing is how computers, servers, cloud storage devices, network points, etc. distribute incoming and outgoing data to “balance” the load and ensure efficient delivery to users. Reducing load ensures consistent web performance across all users accessing the site at the same time.


Load Testing
Load Testing, also referred to as performance testing, tests software applications under various load conditions. The system is “stress tested” under heavy loads to ensure it can handle its normal load and occasional spikes in traffic or data transferal.


Middle Mile 
The Middle Mile is all the areas which make up the entity we call “the Internet” that are not owned or controlled by Internet Service Providers (ISPs). To get from one network peering point on the Internet to another, data must pass through this uncontrolled “middle” area, which is between the edges of each network. Poor web performance and loss of http packets are often caused by issues transitioning from network to network in the Middle Mile.


“The Ministry of Industry and Information Technology of the People’s Republic of China (MIIT) is the Chinese government agency that regulates electronic information software production as well as the postal, Internet, wireless, broadcasting and communications services.”


Network Bottleneck 
A Network Bottleneck is a situation where the amount of data funneled by a network system into a computer or network resource is too much for its capacity to handle. This results in sluggish performance and slow load times.


Network Topology
Network Topology refers to the architectural arrangement of elements in a network. Elements include nodes and links, or points of connection and transfer, which send and receive information through networks.


The origin server or “the origin,” is the original location where data used to serve up web pages is held before it is cached or when the cache misses (see Buffer Cache Hit Ratio).


Packet Loss 
A data packet loss occurs when an information “packet” traveling from either an origin server or a cache server to a user waiting for a web page drops. As a result, the request is resent in order for the page to load or the user is served an error code.


PCI Certified
The Payment Card Industry Data Security Standard (PCI DSS) issues certification to all companies, organizations, or merchants that handle credit card data. In essence, a PCI compliant merchant must ensure it maintains a secure digital environment to reduce the opportunity for data compromise.


PoPs (Points of Presence)
PoPs, or Points of Presence, are physical locations of servers. They act as local access points to receive data and content from far away, store it, and mirror the original to a local user whenever that data is requested. PoPs are an essential part of a CDN because they allow information hosted far away to be stored close to end users all over the globe, which in turn provides a more uniform user experience and faster page load times.


Russia Association for Electronic Communications (RAEC)
The Russian Association of Electronic Communications(RAEC) is made up of passionate technologists that focus on regulating information, communication and Internet technologies in Russia. The program aims to facilitate dialogue between the country of Russia and its IT companies by drafting laws, conducting research, hosting conferences, and forming committees.


Scalability is how well an application, hardware or software product performs after experiencing changes in volume, size, or function. An application “scales” well if it can adapt to meet users’ needs regardless of any change, such as in traffic spikes, location, or different access types (desktop versus mobile).


Screen Scraping
Screen Scraping is mostly performed by purpose built internet robots to collect large amount of valuable information from a website or web application. This form of large scale or highly targeted data collection is used to e.g. undercut competitor’s pricing information, extract booking availability or to harvest valuable information from a website (e.g. airlines’ ticket pricing, hotels’ room availability or email addresses).


Session hijacking
Session hijacking, sometimes also known as cookie hijacking is the exploitation of a valid computer session over the internet —sometimes also called a session key— to gain unauthorized access to private, confidential or sensitive information (e.g. credit card details or user name and password) or services in a computer system.


SQLi (SQL injection)
SQL (Structured Query Language) injection is an offensive code injection technique, used to attack web based online applications and databases, in which malicious SQL statements are inserted into an online field (e.g. sign up or login form) for execution (e.g. to dump the database contents to the attacker).


SSL (Secure Socket Layer)
SSL (Secure Sockets Layer) is the standard in Internet security by which information is encrypted as it travels across web servers and browsers that have an SSL Certificate, or registration of proof of security. A website’s SSL Certificate usually contains its URL/domain name, location, owner, and the date the certificate expires. If at any point in a transmittal a browser finds a problem with a website’s SSL Certificate, it displays a warning that the access is no longer secure.


Static Content
Static Content can be cached, or stored in PoPs, to easily serve up to users across the globe. Static content is the same for all users and includes site elements like text, images, and embedded videos.


TCP Optimization 
TCP Optimization is the method in which Transmission Control Protocol (TCP/IP), or the part of Internet protocol that ensures reliable and error-checked packet delivery, is “tuned” over networks with high bandwidth and latency. An intelligently optimized TCP can result in improved performance and serve up websites 10 times faster.


Throughput measures the rate at which data is transferred, downloaded, or uploaded from one source location to another. It is expressed in kilobytes per second (kps), megabytes per second (mps), and gigabytes per second (gps).


TTFB (Time to First Byte)
Time to First Byte (TTFB) is a metric that measures how long it takes for a user’s browser to receive the first byte of data from a server or network. In other terms, it is a measure of the end of the latent period of data packet travel (see latency).


TTI (Time to Interact) 
Time to Interact (TTI) is a metric that measures how long it takes for a page to become clickable by a user and therefore interactive. It does not necessarily imply the time it takes for a page to load fully, because a page can become interactive before all elements finish loading.


VPN (Virtual Private Networks)
Virtual Private Networks, or VPNs, are networks created for internal use within an organization such as enterprises, schools, medical offices, or government agencies. VPNs prevent external traffic from reaching the content accessed and retrieved within that network, so they are common practice for Internet security measures.


WAF (Web Application Firewall)
Web Application Firewalls (a.k.a. “WAF”) are designed to maximize your web application’s security and keep it safe from hacking or penetration attempts, even if it has unknown vulnerabilities. An ideal Web Application Firewall (WAF) ensures maximum security and protection from hacking, zero day vulnerability, business abuse, screen scraping, Cross Site Scripting (CSS / XSS), session hijacking, form spamming and fake accounts generation.


WAN (Wide Area Network) 
A WAN, or Wide Area Network, is a network of Local Area Networks (LANs) compiled to form a single network entity over a dispersed geographical area. They are common in universities and enterprises where a group of people (i.e. students or employees) need to access a network from many locations, be it cities, states, or countries. WANs and VPNs, or Virtual Private Networks, are popular in these instances because they offer administrators a customizable level of control over their network access and activity, including the implementation of intranets and extranets to meet the needs of mobile users.


Web Performance Monitoring 
Web performance monitoring is the practice of tracking a website to ensure content is displayed in a timely manner and that no unexpected downtimes occur.


Zero day vulnerability (also known as zero-hour or 0-day)
A zero day vulnerability refers to a security hole in an (a web) application or software that is unknown to the vendor. This security hole represents a major threat to an organisation and individuals that could be exploited by hackers before the vendor becomes aware and provides a solution to fix.


Zero Trust Model of information security
Developed by Forrester Research as a model for reducing security risks by making security ubiquitous throughout the network. Zero Trust eliminates the idea of a trusted network (usually the internal network) and an untrusted network (external networks). In Zero Trust, all network traffic is untrusted.