Glossary of Terms
Note that mention of a term below does not imply that the feature described is necessarily supported.
A
ACE
An ACE (Access Control Entry) describes access permission associated with a particular ACE ID.
There are three ACE frame types (Ethernet Type, ARP, and IPv4) and two ACE actions (permit and deny).
The ACE also contains many detailed, different parameter options that are available for individual
application.
ACL
An ACL (Access Control List) is the list table of ACEs, containing access control entries that specify
individual users or groups permitted or denied to specific traffic objects, such as a process or a
program.
Each accessible traffic object contains an identifier to its ACL. The privileges determine whether there
are specific traffic object access rights.
ACL implementations can be quite complex, for example, when the ACEs are prioritized for the various
situation. In networking, the ACL refers to a list of service ports or network services that are available
on a host or server, each with a list of hosts or servers permitted or denied to use the service. ACL can
generally be configured to control inbound traffic, and in this context, they are similar to firewalls.
There are 3 web-pages associated with the manual ACL configuration:
ACL > Access Control List: The web page shows the ACEs in a prioritized way, highest (top) to lowest
(bottom). Default the table is empty. An ingress frame will only get a hit on one ACE even though there
are more matching ACEs. The first matching ACE will take action (permit/deny) on that frame and a
counter associated with that ACE is incremented. An ACE can be associated with a Policy, 1 ingress port,
or any ingress port (the whole switch). If an ACE Policy is created then that Policy can be associated
with a group of ports under the "Ports" web-page. There are number of parameters that can be
configured with an ACE. Read the Web page help text to get further information for each of them. The
maximum number of ACEs is 64.
ACL > Ports: The ACL Ports configuration is used to assign a Policy ID to an ingress port. This is useful
to group ports to obey the same traffic rules. Traffic Policy is created under the "Access Control List" -
page. You can you also set up specific traffic properties (Action / Rate Limiter / Port copy, etc.) for each
ingress port. They will though only apply if the frame gets past the ACE matching without getting
matched. In that case a counter associated with that port is incremented. See the Web page help text
for each specific port property.
ACL > Rate Limiters: Under this page you can configure the rate limiters. There can be 15 different rate
limiters, each ranging from 1-1024K packets per seconds. Under "Ports" and "Access Control List"
web-pages you can assign a Rate Limiter ID to the ACE(s) or ingress port(s).
AES
The AES (Advanced Encryption Standard) encryption key protocol is applied in 802.1i standard to
improve WLAN security. It is an encryption standard by the U.S. government, which will replace DES
and 3DES. AES has a fixed block size of 128 bits and a key size of 128, 192, or 256 bits.
Aggregation
Using multiple ports in parallel to increase the link speed beyond the limits of a port and to increase
the redundancy for higher availability. (Also Port Aggregation, Link Aggregation).
ARP
ARP (Address Resolution Protocol) is a protocol that is used to convert an IP address into a physical
address, such as an Ethernet address. ARP allows a host to communicate with other hosts when only
the Internet address of its neighbors is known. Before using IP, the host sends a broadcast ARP request
containing the Internet address of the desired destination system.
To Next Page
Loading...