Reference

Infrastructure glossary

Terms you hear in networking, cloud, and security conversations — defined in one or two plain sentences. Look up what you need; no need to read A through Z.

BGP

Routing

Border Gateway Protocol — how autonomous networks on the internet advertise which IP prefixes they can reach.

CDN

Delivery

Content delivery network — caches static assets closer to users to cut latency and origin load.

DNS

Networking

Domain Name System — translates human-readable hostnames into the IP addresses that services actually use.

DDoS

Security

Distributed denial-of-service — an attack that floods a target with traffic from many sources to exhaust capacity.

East-west traffic

Networking

Traffic between services inside the same environment, as opposed to north-south client-to-server flows.

Firewall

Security

A control that permits or denies traffic based on rules — often at network boundaries or on hosts.

IAM

Security

Identity and access management — policies and roles that define who and what can perform which actions.

Latency

Metrics

Time for a request to travel across the network and return — critical for user experience and distributed systems.

Load balancer

Networking

Distributes incoming requests across healthy backends and can terminate TLS or perform health checks.

MFA

Security

Multi-factor authentication — requires more than one proof of identity before granting access.

NAT

Networking

Network address translation — maps private addresses to public ones so internal hosts can reach the internet.

Private link

Cloud

A dedicated connection between your network and a cloud provider without traversing the public internet.

Reverse proxy

Networking

Sits in front of servers, handling TLS, routing, caching, and sometimes authentication.

SD-WAN

Connectivity

Software-defined WAN — central policy controls how branch sites route traffic across multiple links.

Subnet

Networking

A partitioned range of IP addresses inside a larger network, often used to separate tiers or teams.

TLS

Security

Transport Layer Security — encrypts data in transit between clients and servers.

VPC

Cloud

Virtual private cloud — isolated network space in a public cloud where you define subnets, routes, and gateways.

VPN

Connectivity

Virtual private network — encrypted tunnel connecting remote users or sites to a private network.

WAF

Security

Web application firewall — inspects HTTP traffic for common attacks like SQL injection or XSS.

Zero trust

Security

Security model that verifies every access attempt regardless of network location — "never trust, always verify."
