Terminology
Here are some common terms used in the ACSC documentation.
Network Host
A computer running an operating system with a network stack, such as a server, laptop, virtual machine, mobile phone, tablet, or Internet-of-Things (IoT) device.
ACSC Host
A host running the ACSC agent software. When the agent is run inside a Docker container, the monitored host is the container itself, not the container’s host.
When we use the general term “host” in the context of ACSC, we typically mean an ACSC host.
The ACSC management UI uses this icon for hosts:
ACSC Agent
A lightweight service that runs on each ACSC host to apply changes to the host’s ACSC configuration that have been queued by the ACSC management server, as well as to send network usage and audit logs to the ACSC management server.
When we use the general term “agent” in the context of ACSC, we typically mean the ACSC agent.
The ACSC management UI uses this icon for agents:
ACSC Client
A network adapter that runs as a service on each ACSC host, enabling it to connect to ACSC networks.
When we use the general term “client” in the context of ACSC, we typically mean the ACSC client.
Network Interface
A software device that connects a host to a network. It may represent a physical connection through a wired or wireless network card on the computer (such interfaces typically would be given names like eth0
or wlan0
), or it may represent an entirely virtual connection (such as the connection to an ACSC network).
ACSC Interface
A network interface provided by the ACSC client. The same host could have many different ACSC interfaces, but typically only has one.
A host sends traffic to an ACSC network through its interface to the network. From the perspective of a host, an interface is the local side of its connection to a network.
The main ACSC interface for a host is usually named acsc0
.
When we use the general term “interface” in the context of ACSC, we typically mean an ACSC interface.
The ACSC management UI uses this icon for interfaces:
ACSC Endpoint
The combination of IP address and port (such as 192.0.2.1:51820
) to which traffic for a member of an ACSC network is sent. From the perspective of a host, an endpoint is the remote side of its connection to another member.
When we use the general term “endpoint” in the context of ACSC, we typically mean an ACSC endpoint.
The ACSC management UI uses this icon for endpoints:
Network Peer
A member of a network. Usually a remote member, from the perspective of the observer.
ACSC Peer
The identity of a member of an ACSC network. The same host conceptually could be a member of many distinct networks, appearing as a different peer to each.
Each peer uses a unique X25519 key pair to authenticate itself to other peers. The public part of this key pair, its “public key
” (typically represented as a 44-character base64-encoded string like O2onvM62pC1io6jQKm8Nc2UyFXcd4kOmOsBIoYtZ2ik=
), uniquely identifies the peer.
ACSC peers are interoperable with WireGuard peers, and use the same strong cryptography.
The ACSC management UI uses this icon for peers:
Local Peer
From the perspective of a host, an identity that the host itself uses to connect to one of its ACSC networks.
Remote Peer
From the perspective of a host, the identity of a different member of one of the host’s ACSC networks.
When we use the general term “peer” in the context of ACSC, we typically mean a remote peer.
ACSC Network
A virtual private network, using private IP addresses (such as in the 10.0.0.0/8
, 172.16.0.0/12
, or 192.168.0.0/16
blocks), to connect two or more peers via a secure tunnel through other physical public and private networks.
The same host can be part of many different, overlapping networks. From the perspective of a host, a network consists of the peers to which it can connect via a specific interface.
Anti-Cloud Hub
An ACSC host, managed by the Anti-Cloud Service and residing in the Anti-Cloud data center, that serves both as the hub and the Internet gateway for an ACSC network.
Hub-and-Spoke Network
A network type in which all-peers-but-one (the “spokes”) connect to a central “hub” peer, and communicate with other peers in the network by sending traffic through the central hub.
Point-to-Point Network
A network type in which two peers connect directly to each other (instead of sending traffic to each other through intermediary gateways or hubs).
Site-to-Site Network
A network type in which two peers forward traffic from their own local site to the other, with each peer acting as an intermediary gateway between the local site and the remote.
Point-to-Site Network
A network type in which all-peers-but-one (the “points”) connect to a central peer that serves as the gateway to a site. The “site” peer forwards traffic from the points to the site (and vice-versa).
Point-to-Internet Network
A network type in which all-peers-but-one (the “points”) connect to a central peer that serves as the gateway to the Internet. The “Internet” peer forwards traffic from the points to the Internet (and vice-versa).