Network Security > ACL
Network Security
184
RM GUI HiSecOS EAGLE20/30
Release
3.0
09/2015
Network Security > ACL
4.17 ACL
In this menu, you specify the settings for the Access Control Lists (ACL).
Access Control Lists contain rules which the device applies successively to
the data stream on its ports or VLANs.
If a data packet complies with the criteria of one or more rules, the device
applies the action specified in the first rule applying to the data stream. The
device ignores the rules following. Possible actions include:
permit
: The device transmits the data packet to a port or to a VLAN.
deny
: The device drops the data packet.
In the default setting, the device forwards every data packet. Once you
assign an Access Control List to an interface or VLAN, there is changing this
behavior. The device enters at the end of an Access Control List an implicit
"deny all" rule. Consequently, the device discards data packets that do not
meet any of the rules. If you want a different behavior, add a "permit" rule at
the end of your Access Control Lists.
Proceed as follows to set up Access Control Lists and rules:
Create a rule and specify the rule settings, see the
Network Security >
ACL
> IPv4 Rule
dialog, or the
Network Security > ACL > MAC Rule
dialog.
Assign the Access Control List to the Ports and VLANs of the device, see
the
Network Security > ACL > Assignment
dialog.
Comparing ACLs to packet filters:
ACLs filter the data stream by using hardware, so the processing time is
shorter.
ACLs provide coarse filtering.
ACLs process data traffic before packet filtering.
ACLs filter by IP or MAC address.
To Next Page
Loading...