IT & Telephony Glossary from A to Z

Automatic call distribution system routing incoming calls to available agents or queues based on defined rules (skill, language, load). Core component in call centre and helpdesk environments.

Directory service developed by Microsoft for Windows networks. Centrally manages user accounts, computers, groups and policies (GPOs) in a hierarchical structure of domains, trees and forests.

Software component in firewalls and NAT routers that inspects SIP packets at application layer and rewrites IP addresses in SIP headers and SDP body. Intended to solve NAT issues but often causes interoperability problems – recommendation: disable ALG and use an SBC instead.

Interface through which software components communicate. APIs define how requests are made and responses delivered – e.g. REST APIs for web services.

Long-term, targeted cyberattack against a specific organisation – often orchestrated by state actors or professional groups. Characterised by a multi-stage approach, long dwell time in the network and low visibility. Countermeasures: SIEM, EDR, Zero Trust.

Device that connects analogue telephone equipment (POTS) to a VoIP/SIP network. Converts analogue voice signals to digital IP packets and vice versa.

Virtual receptionist of a PBX that greets callers with a welcome announcement and routes them to departments or extensions via a DTMF menu – without human intervention. Complements or replaces the traditional switchboard and is often used together with IVR and call queues.

SIP component acting as two opposing User Agents: it terminates an incoming SIP session and simultaneously initiates a new outgoing session. Enables full call flow control, e.g. in Session Border Controllers.

Creating a copy of data so it can be restored in the event of loss or corruption. Common strategies: full, incremental, differential backup; GFS rotation (Grandfather-Father-Son).

Document and strategy for maintaining critical business processes in the event of a failure or disaster. Defines emergency procedures, responsibilities and communication channels.

Status display on IP phones or attendant consoles showing in real time whether an extension is free, busy or ringing. Based on SIP SUBSCRIBE/NOTIFY (RFC 4235). Simplifies call transfer and team overview.

Concept where employees use their own devices (smartphones, laptops) for work purposes. Requires Mobile Device Management (MDM) and clear security policies.

Security solution positioned between cloud users and cloud services, providing visibility, compliance, data security and threat protection for SaaS applications. Detects shadow IT, enforces DLP policies and prevents unauthorised data access.

Network of geographically distributed servers delivering content (websites, videos, software) from a node close to the user, reducing latency and increasing availability.

Core principle of information security with three protection goals: Confidentiality (only authorised parties have access), Integrity (data is correct and unaltered) and Availability (systems are reachable). Foundation of every IT security concept.

Algorithm for encoding and decoding audio (and video) data in VoIP systems. Common voice codecs: G.711 (uncompressed, PSTN quality), G.722 (wideband, HD voice), G.729 (compressed, low bandwidth), Opus (flexible, for WebRTC).

Lightweight virtualisation unit packaging an application together with all its dependencies in an isolated environment. Unlike VMs, containers share the same OS kernel. Most widespread runtime: Docker; orchestration: Kubernetes.

Technology connecting a PBX with computer software. Enables click-to-dial from CRM/ERP, automatic display of customer records on incoming calls (screen pop), PC-based call control and call logging. Interfaces: TAPI, CSTA, REST API.

Cloud service model delivering virtual desktops from a data centre, accessed via browser or thin client. Similar to VDI but fully hosted and managed by the provider. Example: Azure Virtual Desktop (AVD).

Cyberattack flooding a target (website, server) with requests from many distributed sources (botnet) to make it unreachable. Protection: anti-DDoS services, traffic scrubbing, anycast routing.

Cordless telephony standard widely used in Europe and many other regions. DECT handsets connect to the PBX via DECT base stations. Offers encrypted transmission and is suitable for professional business use.

Merging of software development (Dev) and IT operations (Ops) to accelerate software delivery through automation, Continuous Integration (CI) and Continuous Delivery (CD). Promotes close collaboration between development and operations teams.

Network protocol that automatically assigns IP addresses and other configuration parameters (subnet mask, gateway, DNS) to network devices.

Rule set of a PBX that defines how incoming and outgoing numbers are interpreted and routed. Determines which numbers are routed internally, via SIP trunk or PSTN.

A public telephone number routed directly to an internal PBX extension without operator assistance. Enables each employee to have their own external number.

Subset of the Business Continuity Plan (BCP) focusing on the technical recovery of IT systems and data after a major incident. Key metrics: RPO (Recovery Point Objective) and RTO (Recovery Time Objective).

Software system for digitally capturing, indexing, managing, archiving and retrieving documents. Enables audit-proof archiving in line with compliance requirements (GDPR, GoBD). Well-known systems: DocuWare, ELO, d.3.

Network segment positioned between the internal (trusted) network and the internet. Publicly accessible services (web server, mail server) are placed in the DMZ to protect the internal network.

Hierarchical naming system of the internet that resolves domain names (e.g. itworx-solutions.at) to IP addresses. Also used in SIP: DNS SRV records allow automatic discovery of SIP proxy servers.

Value in the IP header (6 bits) marking the priority of data packets for QoS mechanisms. VoIP data (RTP) is typically marked with EF (Expedited Forwarding, DSCP 46) to guarantee low latency.

EU Regulation (2016/679) on the protection of personal data, applicable since May 2018 (GDPR). Requires organisations to implement data protection by design, consent management, a record of processing activities and breach notification obligations. In Austria supplemented by the DSG.

TLS-based encryption protocol for UDP connections (RFC 6347). Used in WebRTC and modern VoIP systems as DTLS-SRTP: DTLS handles key exchange while SRTP encrypts the media packets.

Signalling system using audio frequencies generated by pressing keys on a telephone keypad. In VoIP systems, DTMF is transmitted in-band, via RFC 2833/4733 (RTP) or SIP INFO messages.

International ITU-T standard for telephone number formats. Numbers include the country code without a leading zero, e.g. +43 5577 21707. In SIP URIs, E.164 is often encoded as tel:+43557721707 or sip:+43557721707@provider.at.

Security solution that continuously monitors endpoints (PCs, servers, mobile devices), detects threats in real time, responds automatically and provides forensic data for analysis. Goes significantly beyond traditional antivirus.

Software system for the integrated planning and control of all key business processes (finance, procurement, production, warehouse, HR). Well-known systems: SAP, Microsoft Dynamics, BMD.

Automatic switchover to a backup system or replacement server when the primary system fails. The goal is to maintain operations with no or minimal interruption (high availability).

Network security system that filters traffic based on rules and blocks unwanted connections. Next-Generation Firewalls (NGFW) extend this with Deep Packet Inspection (DPI), IPS, SSL inspection and application recognition.

Software permanently embedded in hardware devices (e.g. BIOS/UEFI on motherboards, firmware in routers and switches) that controls fundamental device functions. Regular firmware updates close security vulnerabilities and improve stability.

Transmission of fax messages over IP networks. Standard method: T.38 for real-time fax over SIP. Since VoIP compression distorts fax tones, T.38 or a dedicated fax solution is required. Alternative: store-and-forward via email as PDF.

Analogue interface type emulating the network (PSTN) side of a connection. An FXO port on a VoIP gateway receives calls from the public telephone network and converts them to VoIP packets. Counterpart to FXS.

Analogue interface type emulating the subscriber side: provides analogue devices (phone, fax) with ringing voltage and dial tone. An FXS port on an ATA or VoIP gateway connects analogue devices to an IP phone system. Counterpart to FXO.

ITU-T voice codec with uncompressed transmission at 64 kbit/s. Variants: G.711 µ-law (USA, Japan) and G.711 A-law (Europe). Provides PSTN voice quality and is supported as the baseline codec in virtually all VoIP systems.

Wideband voice codec (HD Voice) at 16 kHz sample rate and 48/56/64 kbit/s. Noticeably better voice quality than G.711 due to the transmission of higher voice frequency content. Requires HD-Voice-capable endpoints and network components.

Compressed voice codec at 8 kbit/s (A variant: G.729a). Very low bandwidth requirement, ideal for narrow-band WAN links. Slight quality reduction compared to G.711; licence-required (included in many PBX systems).

ITU-T standard for multimedia communication (audio, video, data) over IP networks, developed in the 1990s. Largely replaced by SIP in enterprises, but still found in older-generation video conferencing systems (Cisco, Polycom).

System or service deliberately exposed as a decoy to attract attackers and document their methods, tools and attack paths. Provides early warning and analysis of attack techniques without risking production systems.

Telephone system (PBX) hosted in a data centre or cloud rather than on-premises. The provider handles operation, updates and redundancy; the customer uses IP phones or softphones. Also known as Cloud PBX or UCaaS.

Software or hardware layer that runs multiple virtual machines (VMs) on a single physical host. Type 1 (bare-metal): VMware ESXi, Microsoft Hyper-V, Proxmox. Type 2 (hosted): VMware Workstation, VirtualBox.

Cloud service model providing virtualised computing resources (servers, storage, networking) as scalable services. Examples: Microsoft Azure VMs, AWS EC2. Contrast: PaaS (Platform) and SaaS (Software).

Framework and software for managing digital identities and access rights. Ensures each user can only access the resources they need (least privilege). Covers authentication, authorisation, SSO and user provisioning.

Interconnection of physical devices (sensors, machines, appliances, industrial equipment) with the internet for automated data collection and control. IoT devices often have weak security features – network segmentation via VLAN is recommended.

Security system that analyses network traffic in real time and actively blocks known attack patterns (unlike IDS, which only detects and reports). Typically integrated into NGFW firewalls.

Digital telephone network over copper lines transmitting voice and data over the same infrastructure. Variants: BRI (basic rate, 2 channels) and PRI (primary rate, 30 channels). Largely replaced by All-IP/SIP trunking in Europe.

Set of processes for planning, delivering and continuously improving IT services. Commonly based on the ITIL framework. Core processes: incident management, problem management, change management and service request management.

Automated voice menu system that guides callers through options using pre-recorded prompts and DTMF input (e.g. "Press 1 for support"). Reduces the load on manual receptionists and automatically routes callers.

Variation in the arrival time of data packets in an IP network. In VoIP, high jitter causes uneven playback and distortion. Jitter buffers on endpoints buffer packets to enable smooth playback.

Transmission delay of data packets from sender to receiver (one-way delay). ITU-T G.114 recommends a maximum one-way delay of 150 ms for VoIP. Above 400 ms, calls become difficult to hold.

Protocol for accessing and managing directory services (e.g. Active Directory). Widely used for authentication and user lookup in enterprise applications and SIP PBX systems.

Hardware or software component distributing incoming network requests evenly across multiple servers, improving availability and scalability. Common algorithms: round robin, least connections, IP hash. Deployed in front of web, application and API servers.

Software solution for centrally managing, configuring and securing mobile devices (smartphones, tablets, laptops). Enables remote wipe, app deployment, certificate management and compliance checks. Notable systems: Microsoft Intune, Jamf.

Outsourced security service providing threat detection, analysis and response through an external SOC team. Combines EDR technology, SIEM analysis and human expert review – 24/7 protection without an in-house SOC.

Authentication method combining at least two independent factors: knowledge (password), possession (token, smartphone) and inherence (biometrics). Significantly increases account security even with compromised passwords.

Standardised metric (ITU-T P.800) for rating perceived voice quality in telephone connections, scale 1–5. MOS ≥ 4.0 is considered very good (comparable to PSTN), ≥ 3.5 acceptable for VoIP calls.

IT service provider that takes over the proactive operation and management of a client's IT infrastructure – typically under a Service Level Agreement (SLA). Services include monitoring, helpdesk, patch management and backup.

MSP focused on IT security services: firewall management, EDR, SIEM, SOC monitoring, incident response and vulnerability management. Provides 24/7 security monitoring without an in-house SOC.

Network storage solution providing file shares (SMB/CIFS, NFS) to network clients. Unlike SAN (block-level), NAS operates at file level. Vendors: Synology, QNAP, NetApp.

Process translating private IP addresses (RFC 1918) to public IP addresses. In VoIP environments, NAT can cause issues (NAT traversal) because SIP packets embed the private IP in the SDP body.

Techniques for overcoming NAT barriers in SIP/RTP connections. Methods: STUN (discovers external IP/port), TURN (relay server), ICE (combines both), SBC (Session Border Controller). Essential for SIP trunks over the internet.

Security solution that continuously analyses network traffic to detect suspicious activity (lateral movement, data exfiltration, C2 communication). Complements EDR with network-based visibility – especially for unmanaged devices and IoT.

IP-based network architecture replacing traditional circuit-switched telephone networks (PSTN, ISDN). In NGNs all services (voice, data, video) are transported over the same IP network. Driver: All-IP migration by European telcos including Austria.

Open, royalty-free audio codec (RFC 6716) developed by IETF/Xiph.Org. Supports bit rates from 6–510 kbit/s, variable sample rates (8–48 kHz) and is ideal for WebRTC and modern UCaaS solutions.

Cloud service model providing a development platform (runtime, database, middleware) without requiring the user to manage the underlying infrastructure. Examples: Azure App Service, Google App Engine, Heroku.

Systematic process for distributing and applying software updates (patches) to operating systems and applications. Goal: closing security vulnerabilities and fixing bugs. Typically automated with Remote Management tools.

Private telephone switching system within a company that handles internal calls and manages external lines (PSTN, SIP trunk). Modern IP-PBX systems (e.g. Starface) are fully SIP/VoIP-based.

Authorised security test where IT experts probe a system, network or application for vulnerabilities – simulating a real attacker. Types: black box (no prior information), white box (full documentation), grey box.

Form of social engineering where attackers impersonate a trusted entity via email, SMS (smishing) or phone (vishing) to steal credentials, payment information or other sensitive data. Countermeasures: security awareness training and MFA.

System for creating, managing, distributing and revoking digital certificates and key pairs (asymmetric cryptography, RSA/ECC). Enables encrypted communication (TLS/HTTPS), digital signatures and authentication.

ISDN business connection with up to 30 bearer channels (B channels) and one signalling channel (D channel) – E1 in Europe, T1 in North America (23 B channels). Increasingly replaced by SIP trunking.

The traditional, circuit-switched telephone network (copper wire, ISDN). Increasingly replaced by VoIP/SIP-based NGN (Next Generation Networks). In Austria, the analogue switch-off is underway.

Mechanisms for prioritising network traffic to guarantee bandwidth, low latency and low jitter for time-sensitive applications like VoIP. Implemented via VLAN tagging (802.1p) and DSCP values in the IP header.

Technology combining multiple disks for increased redundancy and/or performance. Common levels: RAID 1 (mirroring), RAID 5 (parity, 1 disk tolerance), RAID 6 (2 disk tolerance), RAID 10 (mirroring + striping). Not a backup replacement!

Malware that encrypts files on infected systems and demands a ransom (usually cryptocurrency) for decryption. Common infection vectors: phishing emails, compromised RDP access. Protection: regular backups (3-2-1), EDR and Zero Trust.

Protocol developed by Microsoft for remote control of Windows systems. Transmits screen output and user input encrypted over TCP port 3389. Should never be exposed directly to the internet (use VPN).

The foundational IETF standard defining the Session Initiation Protocol (SIP). Describes message format, methods (INVITE, BYE, REGISTER, OPTIONS…), dialogues, transactions and the SIP component architecture.

Software platform for MSPs to centrally monitor, manage and remotely maintain endpoints and servers. Enables automatic patching, alerting, remote access and asset inventory. ITworx relies on professional Remote Management solutions.

Maximum tolerable data loss in the event of a disaster, expressed as time. An RPO of 4 hours means data from up to 4 hours before the outage may be lost.

Maximum tolerable downtime before a system must be restored after a failure. An RTO of 2 hours means operations must be running again within 2 hours of an outage.

Network protocol (RFC 3550) for transmitting real-time media (audio, video) in VoIP systems. Runs over UDP and includes sequence numbers and timestamps for jitter compensation. Media parameters are negotiated via SDP.

Transfer of an existing telephone number from one provider to another without changing the number (Local Number Portability – LNP). Legally regulated in Austria (TKG 2021). Applies to fixed-line and mobile numbers; typical porting duration: 5–10 business days.

Cloud service model where applications are delivered as a service over the internet without local installation. Examples: Microsoft 365, Salesforce, Slack. Typically billed per user/month.

High-performance block storage network that provides servers with raw storage blocks (like local disks). Unlike NAS (file level), SAN operates at block level. Protocols: Fibre Channel, iSCSI.

Cloud-native architecture model (Gartner, 2019) combining networking (SD-WAN) and security functions (CASB, SWG, ZTNA, FWaaS) in a single cloud-delivered service. Provides location-independent, identity-based access to enterprise resources.

Network element at the border between SIP networks providing NAT traversal, security (SIP firewall, SRTP), protocol normalisation and interoperability between different SIP stacks. Essential for SIP trunk connections.

Technology for software-defined management of WAN connections. Enables intelligent traffic routing across multiple links (MPLS, internet, LTE), cost savings and centralised management. Often includes integrated SD-WAN security features.

Protocol (RFC 4566) embedded in the body of SIP messages that describes media parameters of a VoIP session: codec list, IP address and UDP port for RTP, transmission direction (sendrecv, sendonly, recvonly).

Platform that centralises, correlates and analyses security-relevant log data from various sources (firewall, servers, endpoints) in real time. Enables early attack detection and meets compliance requirements.

IETF-standardised signalling protocol (RFC 3261) for establishing and terminating multimedia sessions over IP networks. SIP is text-based (similar to HTTP) and used for VoIP, video conferencing and instant messaging. Media data is transported separately via RTP.

Mechanism by which an incoming SIP call is simultaneously or sequentially forwarded to multiple endpoints registered under the same SIP URI (e.g. IP phone and softphone). Parallel forking rings all devices simultaneously; sequential forking rings them one by one.

Uniform Resource Identifier for SIP addresses, similar to an email address: sip:user@domain.com or sip:+43557721707@provider.at. Used in SIP messages to address participants, servers and services.

Virtual telephone line connecting a PBX to a SIP provider (ITSP) over IP, enabling access to the public telephone network (PSTN). Replaces traditional ISDN Primary Rate Interfaces (PRI). ITworx uses IPAustria as SIP provider.

Contractual agreement between an IT service provider and customer defining quality parameters: response time, resolution time, availability (e.g. 99.9 %), support hours and potential penalties. Foundation of ITSM incident management.

Protocol for transmitting emails between mail servers and from clients to mail servers (port 25, 465/587 with TLS). Together with IMAP (receive/sync) and POP3 (receive, local download), the backbone of email communication.

Protocol for monitoring and managing network devices (routers, switches, servers, printers). SNMP agents on devices deliver status information (MIB values) to central monitoring software. Version 3 provides authentication and encryption.

Platform that orchestrates security tools (SIEM, EDR, firewall, ticketing) and automates incident response workflows. Playbooks define standardised threat responses – reducing mean time to respond (MTTR) and relieving SOC analysts.

Unit or service that continuously (24/7) monitors security events, analyses them and responds to incidents. As an external service (Managed SOC), an MSSP provides SOC functionality without requiring in-house staff.

Psychological manipulation technique exploiting human factors (trust, helpfulness, urgency) to obtain confidential information or trigger actions. Best-known form: phishing. Countermeasure: security awareness training.

Software application on a PC, smartphone or tablet replacing a physical IP phone. Uses SIP for signalling and RTP for media. Enables full telephony functionality from anywhere with internet access.

Encrypted variant of RTP (RFC 3711) for the secure transmission of media data (audio/video) in VoIP systems. Uses AES encryption. Key exchange via SDES (in SDP) or DTLS-SRTP (for WebRTC).

Authentication method where a user logs in once and can then access multiple applications and services without logging in again. Often implemented with an Identity Provider (IdP) such as Microsoft Entra ID or Okta.

Protocol (RFC 8489) enabling VoIP endpoints behind NAT to discover their public IP address and the UDP port assigned by the NAT router. Result is placed in SDP packets so the remote party can send media (RTP) directly.

ITU-T protocol for real-time fax transmission over IP networks. Converts fax signals into IP packets and compensates for packet loss through redundancy. Necessary because standard VoIP codecs (G.711) distort fax modem tones.

Windows programming interface for integrating telephony features into applications (click-to-dial, call control, call logging). Foundation of many CTI integrations with CRM systems such as Salesforce or Microsoft Dynamics.

Cryptographic protocol for encrypted data transmission over networks. Successor to SSL. In SIP, TLS is used on the TCP/UDP transport (SIPS URI: sips:user@domain.com) to encrypt SIP signalling; SRTP protects media packets.

Extension of STUN (RFC 8656) where a TURN server acts as a relay for media packets when direct peer-to-peer connections (e.g. due to symmetric NAT or firewalls) are not possible. Guarantees connectivity but increases latency and bandwidth usage.

Integration of various communication services (telephony, video, chat, email, presence status, fax) into a unified platform. Examples: Microsoft Teams (Phone System), Starface UCC, Cisco Webex. Goal: simplifying communication and boosting productivity.

Uninterruptible Power Supply – protects IT systems from power outages, voltage fluctuations and surges. Enables controlled server shutdown or bridging until a generator kicks in.

Security platform combining multiple protection mechanisms in one device: firewall, IPS, antivirus, web filter, VPN and application control. Increasingly superseded by NGFW (Next-Generation Firewall).

Technology where desktop operating systems run as virtual machines on central servers, accessed by users via thin clients or browsers. Advantages: centralised management, higher security, BYOD compatibility.

Logical segmentation of a physical network into multiple isolated sub-networks (IEEE 802.1Q). Enables separation of e.g. office data, VoIP, guest Wi-Fi and management traffic without separate physical infrastructure.

Software emulation of a physical computer running on a hypervisor. Multiple VMs share the resources of a physical host (CPU, RAM, storage). Enables higher resource utilisation, rapid provisioning and easy backup via snapshots.

Umbrella term for voice communication over IP networks. VoIP systems digitise voice data, compress it with a codec and transmit it as IP packets. SIP is the most widely used signalling protocol for VoIP.

Encrypted tunnel over a public network (internet) enabling secure communication as if participants were on the same private network. Technologies: IPsec, OpenVPN, WireGuard, SSL-VPN.

Security solution that monitors and filters HTTP/HTTPS traffic to web applications. Protects against OWASP Top 10 attacks such as SQL injection, cross-site scripting (XSS) and other web-specific threats.

Open standard (W3C/IETF) for real-time audio, video and data communication directly in the browser without plugins. Uses ICE/STUN/TURN for NAT traversal, DTLS-SRTP for media encryption and the Opus codec. Foundation of modern browser-based softphones.

Wireless local area network based on the IEEE 802.11 standard. Current standards: Wi-Fi 5 (802.11ac), Wi-Fi 6 (802.11ax), Wi-Fi 6E (6 GHz band). For businesses: WPA3 encryption, separate SSIDs for staff, guests and IoT, and centralised controller management are recommended.

Evolution of EDR that correlates telemetry data from multiple sources (endpoints, network, email, cloud, identity) in a single platform. Enables holistic threat detection across silos and automated response.

Security model that assumes no implicit trust in any network entity – internal or external. Every resource request is explicitly authenticated and authorised (principle: "never trust, always verify"). Based on MFA, micro-segmentation and least-privilege access.

Attack exploiting a security vulnerability unknown to the vendor and therefore unpatched. The period between discovery and an available patch is called the zero-day window. Particularly dangerous as no signature-based detection is possible.

Access model replacing traditional VPN: instead of network access, ZTNA grants access only to specific applications – based on identity, device posture and context. Implements the Zero Trust principle at the network layer. Core component of SASE.