Glossary
A
B
C
D
E
F
G
H
I
J K
L
M
N
O
P
Q
R
S
T
U
V
W
X Y Z
A
ACE
ACE
is an acronym for Access Control Entry. It describes access permission associated with a
particular ACE ID.
There are three ACE frame types (
Ethernet Type
,
ARP
, and IPv4) and two ACE actions
(permit and deny). The ACE also contains many detailed, different parameter options that are
available for individual application.
ACL
ACL
is an acronym for Access Control List. It is the list table of
ACE
s, containing access
control entries that specify individual users or groups permitted or denied to specific traffic
objects, such as a process or a program.
Each accessible traffic object contains an identifier to its ACL. The privileges determine
whether there are specific traffic object access rights.
ACL implementations can be quite complex, for example, when the ACEs are prioritized for
the various situation. In networking, the ACL refers to a list of service ports or network
services that are available on a host or server, each with a list of hosts or servers permitted or
denied to use the service. ACL can generally be configured to control inbound traffic, and in
this context, they are similar to firewalls.
There are 3 web-pages associated with the manual ACL configuration:
-131-
ACL|Access Control List: The web page shows the ACEs in a prioritized way, highest (top) to
lowest (bottom). Default the table is empty. An ingress frame will only get a hit on one ACE
even though there are more matching ACEs. The first matching ACE will take action
(permit/deny) on that frame and a counter associated with that ACE is incremented. An ACE
can be associated with a Policy, 1 ingress port, or any ingress port (the whole switch). If an
ACE Policy is created then that Policy can be associated with a group of ports under the
"Ports" web-page. There are number of parameters that can be configured with an ACE. Read
the Web page help text to get further information for each of them. The maximum number of
ACEs is 64.
ACL|Ports: The ACL Ports configuration is used to assign a Policy ID to an ingress port. This
is useful to group ports to obey the same traffic rules. Traffic Policy is created under the
"Access Control List" - page. You can you also set up specific traffic properties (Action / Rate
Limiter / Port copy, etc) for each ingress port. They will though only apply if the frame gets
Summary of Contents for KGS-2421
Page 1: ...KGS 2421 KGS 1620 Web Management Interface User s Manual 1 DOC 110616 ...
Page 61: ...2 8 MAC Table Screen of 24 Port Switch 61 ...
Page 78: ...2 11 5 Wizard This handy wizard helps you set up a QCL quickly 78 ...
Page 79: ...2 11 6 Wizard Port Policies Screen of 24 Port Switch Screen of 16 Port Switch 79 ...
Page 97: ...3 3 Security 3 3 1 Network 97 ...
Page 106: ...3 4 2 Port Status Screen of 24 Port Switch 106 ...