CHAPTER 4 | Configuring the Switch
Configuring Security
– 89 –
PARAMETERS
These parameters are displayed:
◆ Port - Port Identifier.
◆ Policy ID - An ACL policy configured on the ACE Configuration page
(page 93). (Range: 1-8; Default: 1, which is undefined)
◆ Action - Permits or denies a frame based on whether it matches a rule
defined in the assigned policy. (Default: Permit)
◆ Rate Limiter ID - Specifies a rate limiter (page 90) to apply to the
port. (Range: 1-15; Default: Disabled)
◆ Redirect to - Defines a port to which matching frames are re-directed.
(Range: 1-28; Default: Disabled)
To use this function, Action must be set to Deny for the local port.
◆ Mirror - Mirrors matching frames from this port. (Default: Disabled)
To use this function, the destination port to which traffic is mirrored
must be configured on the Mirror Configuration page (see "Configuring
Port Mirroring" on page 194).
ACL-based port mirroring set by this parameter and port mirroring set
on the general Mirror Configuration page are implemented
independently. To use ACL-based mirroring, enable the Mirror
parameter on the ACL Ports Configuration page. Then open the Mirror
Configuration page, set the “Port to mirror on” field to the required
destination port, and leave the “Mode” field Disabled.
◆ Logging - Enables logging of matching frames to the system log.
(Default: Disabled)
Open the System Log Information menu (page 201) to view any entries
stored in the system log for this entry. Related entries will be displayed
under the “Info” or “All” logging levels.
◆ Shutdown - Shuts down a port when a matching frame is seen.
(Default: Disabled)
◆ Counter - The number of frames which have matched any of the rules
defined in the selected policy.
WEB INTERFACE
To configure ACL policies and responses for a port:
1. Click Configuration, ACL, Ports.
2. Assign an ACL policy configured on the ACE Configuration page, specify
the responses to invoke when a matching frame is seen, including the
filter mode, copying matching frames to another port, logging matching
frames, or shutting down the port. Note that the setting for rate limiting
is implemented regardless of whether or not a matching packet is seen.
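The parameter ranges and dependencies listed above can be checked before a change is applied. The following is an added example, not code from the switch or its vendor: the dictionary layout, field names and sample values are assumptions, standing in for settings copied by hand from the ACL Ports Configuration and Mirror Configuration pages.

```python
# Added example. Field names and sample data are constructed for illustration;
# the switch itself does not export its settings in this form.
RANGES = {"policy_id": (1, 8), "rate_limiter_id": (1, 15), "redirect_to": (1, 28)}

def audit_acl_ports(ports, mirror_page):
    """Return (port, message) findings for per-port ACL settings."""
    findings = []
    for port, cfg in sorted(ports.items()):
        # Range checks; a missing field or None means Disabled / default.
        for field, (lo, hi) in RANGES.items():
            value = cfg.get(field)
            if value is not None and not lo <= value <= hi:
                findings.append((port, f"{field}={value} outside {lo}-{hi}"))
        # Redirect only works when Action is Deny on the local port.
        if cfg.get("redirect_to") is not None and cfg.get("action", "Permit") != "Deny":
            findings.append((port, "Redirect set but Action is not Deny"))
        # ACL-based mirroring needs a destination port, with Mode left Disabled.
        if cfg.get("mirror"):
            if mirror_page.get("port_to_mirror_on") is None:
                findings.append((port, "Mirror enabled but no destination port set"))
            if mirror_page.get("mode", "Disabled") != "Disabled":
                findings.append((port, "Mirror page Mode should be left Disabled"))
        # Rate limiting is applied whether or not a frame matches the policy.
        if cfg.get("rate_limiter_id") is not None:
            findings.append((port, "note: rate limiter applies to all frames on the port"))
    return findings

# Constructed sample input (not taken from a real device).
SAMPLE_PORTS = {
    1: {"policy_id": 2, "action": "Deny", "redirect_to": 5},    # valid
    2: {"policy_id": 3, "action": "Permit", "redirect_to": 7},  # redirect needs Deny
    3: {"policy_id": 9, "mirror": True},                        # bad ID, mirror issues
    4: {"policy_id": 1, "rate_limiter_id": 4},                  # informational note
}
# "Enabled" stands for any Mode value other than Disabled.
SAMPLE_MIRROR_PAGE = {"port_to_mirror_on": None, "mode": "Enabled"}

if __name__ == "__main__":
    for port, message in audit_acl_ports(SAMPLE_PORTS, SAMPLE_MIRROR_PAGE):
        print(f"port {port}: {message}")
```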