Netgear GSM7224v2 - 24-Port Layer 2 Managed Gigabit Switch User Manual

Chapter 6.  Managing Device Security 
 
ProSafe® Gigabit L3 Managed Stackable Switches Software Administration Manual 
Configuring Access Control Lists
Access Control Lists (ACLs) ensure that only authorized users have access to specific 
resources while blocking any unwarranted attempts to reach network resources. ACLs are 
used to provide traffic flow control, restrict the contents of routing updates, decide which types of 
traffic are forwarded or blocked, and above all provide security for the network. ProSafe® 
Managed Switches software supports IPv4 and MAC ACLs.
You first create an IPv4-based or MAC-based ACL ID. Then, you create a rule and assign it 
to a unique ACL ID. Next, you define the rules, which can identify protocols, source and 
destination IP and MAC addresses, and other packet-matching criteria. Finally, use the ID 
number to assign the ACL to a port or to a LAG.
The Security > ACL folder contains links to the following features:
Basic
The Basic folder contains links to the following features:
MAC ACL
A MAC ACL consists of a set of rules that are matched sequentially against a packet. When 
a packet meets the match criteria of a rule, the specified rule action (Permit/Deny) is taken 
and the additional rules are not checked for a match. On this menu you must specify the 
interfaces to which a MAC ACL applies, as well as whether it applies to inbound or outbound 
traffic. Rules for the MAC ACL are created using the MAC ACL Rule Configuration 
menu.
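The first-match behaviour described above, as an added Python example that is not part of the manual or of the switch software: it evaluates a frame against an ordered rule list and reports rules that can never fire because an earlier, broader rule already covers them. The Rule class, the prefix-matching convention and the sample addresses are assumptions made for illustration and are not the switch's own mask syntax.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    rule_id: int
    action: str      # "permit" or "deny"
    src: str = ""    # source MAC prefix; "" matches any address (example convention)
    dst: str = ""    # destination MAC prefix; "" matches any address

    def matches(self, src_mac, dst_mac):
        return (src_mac.lower().startswith(self.src.lower())
                and dst_mac.lower().startswith(self.dst.lower()))

    def covers(self, other):
        """True if every frame matching `other` also matches this rule."""
        return (other.src.lower().startswith(self.src.lower())
                and other.dst.lower().startswith(self.dst.lower()))

def evaluate(acl, src_mac, dst_mac):
    """Sequential first match: return (rule_id, action), or None if no rule matches."""
    for rule in acl:
        if rule.matches(src_mac, dst_mac):
            return rule.rule_id, rule.action   # later rules are not checked
    return None

def shadowed(acl):
    """Return (shadowed_id, shadowing_id) for rules an earlier rule fully covers."""
    found = []
    for i, later in enumerate(acl):
        for earlier in acl[:i]:
            if earlier.covers(later):
                found.append((later.rule_id, earlier.rule_id))
                break
    return found

# Constructed sample ACLs: the host deny is placed after, then before, the broad permit.
MISORDERED = [Rule(1, "permit", src="00:11:22"),
              Rule(2, "deny", src="00:11:22:33:44:55")]
CORRECTED = [Rule(1, "deny", src="00:11:22:33:44:55"),
             Rule(2, "permit", src="00:11:22")]
HOST, BCAST = "00:11:22:33:44:55", "ff:ff:ff:ff:ff:ff"

if __name__ == "__main__":
    print(evaluate(MISORDERED, HOST, BCAST), shadowed(MISORDERED))
    print(evaluate(CORRECTED, HOST, BCAST), shadowed(CORRECTED))
```

A None result means no rule in the list matched; what the switch does with such a frame is not covered in this section.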
There are multiple steps involved in defining a MAC ACL and applying it to the switch:
1. Use the
2. Use the
3. Use the page to assign the ACL by its ID number to a port.
4. Optionally, use the page to view the configurations.