Owner's Manual

20 Configuring Access Control Lists
This chapter describes how to configure Access Control Lists (ACLs),
including IPv4, IPv6, and MAC ACLs. This chapter also describes how to
configure time ranges that can be applied to any of the ACL types.
The topics covered in this chapter include:
• ACL Overview
• Configuring ACLs (Web)
• Configuring ACLs (CLI)
• ACL Configuration Examples

ACL Overview
An Access Control List (ACL) is a collection of permit and deny conditions,
called rules, that provides security by blocking unauthorized users and
allowing authorized users to access specific resources.
ACLs can also provide traffic flow control, restrict the contents of routing
updates, and decide which types of traffic are forwarded or blocked. ACLs can
reside in a firewall router, a router connecting two internal networks, or a
Layer 3 switch, such as a PowerConnect M6220/M6348/M8024/M8024-k switch.
You can also create an ACL that limits access to the management interfaces
based on the connection method (for example, Telnet or HTTP) and/or the
source IP address.
The PowerConnect M6220, M6348, M8024, and M8024-k switches support
ACL configuration in both the ingress and egress directions. Egress ACLs
provide the capability to implement security rules on the egress flows (traffic
leaving a port) rather than the ingress flows (traffic entering a port). Ingress
and egress ACLs can be applied to any physical port, port-channel (LAG), or
VLAN routing port.