174 | Chapter 5: Managing Device Security
FS728TP Smart Switch Software Administration Manual
Configuring Access Control Lists
Access Control Lists (ACLs) ensure that only authorized users have access to specific
resources while blocking off any unwarranted attempts to reach network resources. ACLs are
used to provide traffic flow control, restrict contents of routing updates, decide which types of
traffic are forwarded or blocked, and above all provide security for the network. FS728TP
Smart Switch software supports IPv4 and MAC ACLs.
Note: The FS728TP Smart Switch does not support mixed ACLs on same
interface. In other words, you can bind MAC ACLs or IP ACLs to an
interface, but you cannot bind both ACL types to an interface.
To configure an ACL, first create an IPv4-based or MAC-based ACL ID. Then, create a rule
and assign it to a unique ACL ID. Next, define the rules, which can identify protocols, source,
and destination IP and MAC addresses, and other packet-matching criteria. Finally, use the
ID number to assign the ACL to a port or to a LAG.
The Security ACL folder contains links to the following features:
• Basic:
• MAC ACL on page 174
• MAC Rules on page 175
• MAC Binding Configuration on page 177
• MAC Binding Table on page 178
• Advanced:
• IP ACL on page 179
• IP Rules on page 181
• IP Extended Rule on page 182
• IP Binding Configuration on page 185
• IP Binding Table on page 187
MAC ACL
A MAC ACL consists of a set of rules which are matched sequentially against a packet. When
a packet meets the match criteria of a rule, the specified rule action (Permit/Deny) is taken
and the additional rules are not checked for a match.
There are multiple steps involved in defining a MAC ACL and applying it to the switch:
1. Use the MAC ACL page to create the ACL ID.
2. Use the MAC Rules page to create rules for the ACL.
3. Use the MAC Binding Configuration page to assign the ACL by its ID number to a port.
To Next Page
Loading...
Need help?
General