Glossary

Dec 20th 2025

Enclave: A protected execution environment (e.g. hardware- or software-based) that isolates a portion of code and data such that even the host OS or hypervisor cannot tamper with or inspect it.

vnet: vnet (for virtual network) is a network prefix in the overlay range mapping to an underlying network (typically a VLAN). vnet are the basis of routing between access gates.

OT (Operational Technology): Systems and devices that monitor or control physical processes, as opposed to Information Technology (IT). In network security, “OT” often refers to industrial control systems, SCADA, sensors, actuators, etc.

TLS (Transport Layer Security): A cryptographic protocol to provide secure communications over a network. It ensures confidentiality, integrity, and authenticity of the exchanged data.

Syslog: A standard for message logging. An Access Gate conatins a syslog pipeline (server & client) to be able to collect event messages from local clients and forward them skimmed to a log storage or SIEM.

Log Skimming: The process of extracting, filtering, or sampling portions of log data (e.g. high-value entries) while discarding less relevant entries to reduce storage or processing overhead.

Access Gate: (In Trout’s context) the network access control gateway component that mediates and enforces policies over assets, monitors traffic, and applies encryption or compliance rules.

Overlay Network: A virtual network built on top of another network. In the context of Trout, an overlay may allow segmented network paths or secure tunnels across underlying infrastructure.

Virtual Private Network (VPN): A secure, encrypted connection (“tunnel”) between endpoints over a public or untrusted network, making it seem as if they are on the same private network.

NTP (Network Time Protocol): A protocol to synchronize clocks of computer systems over packet-switched, variable-latency data networks.

Session Token / Access Token: A cryptographically signed credential used to represent an authenticated user session, granting certain access rights for a limited period.