Access Security Guide K/KA/KB.15.15

ACE counter operation
Resetting ACE Hit counters to zero
Using IPv6 counters with multiple interface assignments
Using IPv4 counters with multiple interface assignments
Overview
Introduction
General ACL operating notes
About IPv4 static ACL operation
Introduction to IPv4 static ACL operation
Options for applying IPv4 ACLs on the switch
Static ACLs
RADIUS-assigned ACLs
Types of IPv4 ACLs
Standard ACL
Named and numbered standard ACL
Extended ACL
Connection Rate ACL
ACL applications
ACL Mirroring
RACL applications
VACL applications
Static port ACL and RADIUS-assigned ACL applications
RADIUS-assigned (dynamic) port ACL applications
Multiple ACLs on an interface
For a packet to be permitted, it must have a match with a "permit" ACE in all applicable ACLs assigned to an interface
Exception for Connection-Rate filtering
Features common to all ACL applications
General steps for planning and configuring ACLs
The packet-filtering process
Sequential comparison and action
Implicit Deny
Example
Operating notes for remarks
Planning an ACL application
IPv4 traffic management and improved network performance
Security
Guidelines for planning the structure of a static ACL
Configuring standard ACLs
Editing an existing ACL
Using the CLI to edit ACLs
General editing rules
Sequence numbering in ACLs
IPv4 ACL configuration and operating rules
How an ACE uses a mask to screen packets for matches
What is the difference between network (or subnet) masks and the masks used with ACLs?
Rules for defining a match between a packet and an access control entry (ACE)
Using CIDR notation to enter the IPv4 ACL mask
General steps for implementing ACLs
Options for permit/deny policies
ACL configuration structure
Standard ACL structure
Extended ACL configuration structure
ACL configuration factors