TMS zl Management and Configuration Guide ST.1.0.090213
4-19
Firewall
Firewall Access Policies
A network’s first line of defense is its firewall, and the firewall’s access policies
determine its effectiveness. The access policies tell the firewall which types
of traffic are allowed to cross TMS VLAN boundaries. Firewall access policies
specify what kind of traffic can cross zonal boundaries and under what
circumstances.
The policies are classified by two factors:
■ Source and Destination Zones
Firewall access policies are grouped by the source and destination zones.
A policy may designate any of the 10 zones as the source or destination
zone or both.
■ Traffic Type
Firewall access policies can be made to apply to unicast or multicast
traffic. These access policies are referred to as unicast and multicast
access policies, respectively. See “Traffic Types” on page 4-21.
Additionally, the TMS zl Module firewall access policies can limit traffic based
on several conditions:
■ Schedule
Access policies can be applied at a specific time and/or on selected days.
■ Source and/or Destination Address
Access policies may apply to specific source and/or destination addresses
inside a zone.
■ Service
Access policies can be applied to specific application-level services
such as HTTP, FTP, or SNMP.
■ User Group
You can create user groups, then configure policies that apply only to the
users in that group. Access policies assigned to user groups are applied
first; the general access policies are applied after them. General access
policies are those not explicitly assigned to a user group, and they apply
to all traffic.
■ Rate
You can impose rate limits on access policies.
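The following Python model is an added illustration, not TMS zl code or configuration syntax. It shows how the conditions above combine and why a user-group policy can override a general policy for the same zone pair. Zone names, the group name, and addresses are constructed; first-match-wins and deny-on-no-match are assumptions, and rate limits and multicast are not modelled.

```python
from dataclasses import dataclass
from datetime import datetime, time
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass
class Policy:
    action: str                        # "permit" or "deny"
    src_zone: str
    dst_zone: str
    service: Optional[str] = None      # None matches any service
    dst_net: str = "0.0.0.0/0"         # destination address condition
    user_group: Optional[str] = None   # None marks a general policy
    days: Optional[frozenset] = None   # weekdays (Monday = 0); None = every day
    hours: Optional[tuple] = None      # (start, end) times; None = all day

    def matches(self, pkt, when):
        return (self.src_zone == pkt["src_zone"]
                and self.dst_zone == pkt["dst_zone"]
                and self.service in (None, pkt["service"])
                and ip_address(pkt["dst"]) in ip_network(self.dst_net)
                and (self.days is None or when.weekday() in self.days)
                and (self.hours is None
                     or self.hours[0] <= when.time() <= self.hours[1]))

def decide(policies, pkt, when, user_groups=()):
    """Evaluate user-group policies first, then general policies."""
    group_tier = [p for p in policies if p.user_group in user_groups]
    general_tier = [p for p in policies if p.user_group is None]
    for p in group_tier + general_tier:   # assumption: first match wins
        if p.matches(pkt, when):
            return p.action
    return "deny"                         # assumption: no match means drop

# Constructed sample policy set; zone names, group name and addresses are invented.
POLICIES = [
    Policy("deny", "zone-a", "zone-b", service="ftp"),
    Policy("permit", "zone-a", "zone-b", service="http",
           days=frozenset(range(5)), hours=(time(8), time(18))),
    Policy("permit", "zone-a", "zone-b", service="ftp",
           dst_net="10.2.0.5/32", user_group="admins"),
]

def packet(service, dst):
    return {"src_zone": "zone-a", "dst_zone": "zone-b", "service": service, "dst": dst}

MONDAY_10 = datetime(2024, 1, 1, 10, 0)   # a Monday
SUNDAY_10 = datetime(2024, 1, 7, 10, 0)   # a Sunday

if __name__ == "__main__":
    print(decide(POLICIES, packet("ftp", "10.2.0.5"), MONDAY_10))
    print(decide(POLICIES, packet("ftp", "10.2.0.5"), MONDAY_10, ["admins"]))
```

When reviewing a real rule set, the case to check is the third one in the model: a narrowly scoped user-group permit does not widen access to other addresses, because traffic that misses the group policy still falls through to the general policies.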