259
Glossary of Web
-
Based Management
A
ACE
: ACE is an acronym for Access Control Entry. It describes the access permission
associated with a particular ACE ID. There are three ACE frame types (Ethernet
Type, ARP, and IPv4) and two ACE actions (Permit and Deny). The ACE also
contains different detailed parameter options that are available for individual
application.
ACL:
ACL is an acronym for Access Control List. It is the list of ACEs. It contains access
control entries that specify individual users or groups permitted or denied to
specific traffic objects, such as a process or a program.
Each accessible traffic object contains an identifier to its ACL. The privileges
determine whether there are specific traffic object access rights.
ACL implementations can be quite complex (e.g. when the ACEs are prioritized
for the various situation). In networking, the ACL refers to a list of service ports
or network services that are available on a host or server. Each has a list of
hosts or servers permitted or denied to use the service. ACL can generally be
configured to control inbound traffic (they are similar to firewalls).
There are 3 webpages associated with the manual ACL configuration:
ACL|Access Control List
: The web page shows the ACEs from highest (top)
to lowest (bottom). The default the table is empty. An ingress frame will
only get a hit on one ACE, even though there are other matching ACEs. The
first matching ACE will take action (permit/deny) on that frame and a
counter associated with that ACE is incremented. An ACE can be associated
with a policy, 1 ingress port, or any ingress port (the whole switch). If an
ACE policy is created, then that policy can be associated with a group of
ports under the "Ports" webpage. There are a number of parameters that
can be configured with an ACE. Read the webpage help text to get further
information. The maximum number of ACEs is 64.
ACL|Ports
: The ACL Ports configuration is used to assign a policy ID to an
ingress port. This is useful to group ports to obey the same traffic rules.
Traffic policy is created under the "Access Control List" page. You can also
set up specific traffic properties (Action, Rate Limiter, Port Copy and so on)
for each ingress port. They will only apply if the frame gets past the ACE
matching process without getting matched. In that case, a counter
associated with that port is incremented. See the webpage help text for
each specific port property.