378 CHAPTER 19: CONFIGURING AND MANAGING SECURITY ACLS
Figure 29 Setting Security ACLs
Security ACL Filters A security ACL filters packets to restrict or permit network traffic. These
filters can then be mapped by name to authenticated users, ports, VLANs,
virtual ports, or Distributed MAPs. You can also assign a class-of-service
(CoS) level that marks the packets matching the filter for priority
handling.
A security ACL contains an ordered list of rules called access control
entries (ACEs), which specify how to handle packets. An ACE contains an
action that can deny the traffic, permit the traffic, or permit the traffic
and apply to it a specific CoS level of packet handling. The filter can
include source and destination IP address information along with other
Layer 3 and Layer 4 parameters. Action is taken only if the packet
matches the filter.
ACLs in
edit buffer
null
Commited ACLs
null
ACLs mapped to ports,
VLANs, and virtual ports
ACLs mapped
to users
