20
Configuring Access Control Lists
This chapter describes how to configure Access Control Lists (ACLs), 
including IPv4, IPv6, and MAC ACLs. This chapter also describes how to 
configure time ranges that can be applied to any of the ACL types.
The topics covered in this chapter include:
• ACL Overview
• Configuring ACLs (Web)
• Configuring ACLs (CLI)
• ACL Configuration Examples
ACL Overview
Access Control Lists (ACLs) are a collection of permit and deny conditions, 
called rules, that provide security by blocking unauthorized users and 
allowing authorized users to access specific resources.
ACLs can also provide traffic flow control, restrict contents of routing 
updates, and decide which types of traffic are forwarded or blocked. ACLs can 
reside in a firewall router, a router connecting two internal networks, or a 
Layer 3 switch, such as a PowerConnect 7000 Series switch.
The PowerConnect 7000 Series switches support ACL configuration in both 
the ingress and egress directions. Egress ACLs provide the capability to 
implement security rules on the egress flows (traffic leaving a port) rather 
than the ingress flows (traffic entering a port). Ingress and egress ACLs can be 
applied to any physical port, port-channel (LAG), or VLAN routing port.
When traffic enters a port that has an ingress ACL applied, or leaves a port 
that has an egress ACL applied, the ACL compares the criteria configured in 
its rules, in order, to the fields in the packet or frame to check for 
matching conditions. The ACL forwards or blocks the traffic based on the 
rules.