D-Link DGS-6600-48TS Configuration Guide - Page 414
Access Control Lists (ACL), Overview, An Introduction to Access Control Lists
View all D-Link DGS-6600-48TS manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 414 highlights
Volume 8-Security & Authentication / Chapter 38-Access Control Lists (ACL) Chapter Overview Chapter 38 Access Control Lists (ACL) Chapter Overview The following topics are included in this chapter, please go to the topic for more detailed information: • Chapter Overview • An Introduction to Access Control Lists • Configuration Overview • ACL Configuration Commands • Configuring a Time Range Profile • Configuring Access Control Lists • Configuring IP Basic Access Control Lists • Configuring IP Extended Access Control Lists • Configuring IPv6 Extended Access Control Lists • Configuring MAC Extended Access Control Lists • Re-sequencing the Criteria Statements in Access Control Lists • Displaying Access Control Lists • Applying Access Control Lists to Interfaces • Configuration Examples • ACL Configuration Example • List of Constants and Default Settings An Introduction to Access Control Lists An Access Control List (ACL) provides security by controlling the filtering and forwarding of packets. When an access control list is setup, the device will examine the contents of the packet to determine whether to drop or forward the packet based on the specified criteria within the access list. The criteria can be the source or destination address of the packet, the type of protocol, etc. The checking of access control lists is performed by the filter processor of the Switch controller. An access control list can be used in many places. For example, an access control list can be applied to a routing protocol to control route updates. An access control list can also be used to control the traffic flow to provide the security guard for the network. When no access control lists are configured, all packets passing through the Switch can be forwarded to all parts of the network. Configuring access control lists allows the user to determine which hosts can access the network and which hosts cannot access the network. There are three types of access control lists, MAC access control lists, IP access control lists and IPv6 access control lists. MAC access control lists define the criteria based on the MAC layer fields in a packet. IP access control lists are further divided into IP basic access control lists and IP extended access control lists. IP basic access control lists define the criteria based on the source and destination IP address. IP extended access control lists allow the user to define the criteria based on additional fields such as the TCP port number, UDP port number, or IP layer header field, including the upper layer protocol type. IPv6 access control lists define the criteria based on the IPv6 packet fields. DGS-6600 Configuration Guide 414