LogoLogo
  • EWS Series User Manual
  • Product Overview
    • Introduction
    • LED Behavior
    • Comparison Table
    • Technical Specification
  • Getting Started
    • Management Interface
    • Connecting the Switch
  • Wireless Controller Features
    • Managing EnSky Access Points
    • Device Management
      • Access Points
      • Access Point Settings
      • AP Groups
      • Wireless Services
    • Monitor
      • Active Clients
      • Rogue AP Detection
      • System Log
      • Email Alert
    • Visualization
      • Topology View
      • Map View
      • Floor View
      • Mesh View
    • Statistics
      • Access Points
      • Wireless Clients
      • Real-Time Throughput
    • Hotspot Services
      • Captive Portal
      • Guest Account
    • Mesh
      • Mesh Profile
      • Node List
      • Mesh Tools
      • Isolated Nodes
    • Maintenance
      • Schedule Tasks
      • Troubleshooting
      • Bulk Upgrade
      • One-click Update
      • SSL Certificate
      • Check Codes
  • Ethernet Switch Features
    • System
      • Summary
      • Network Settings
      • System Time
      • Port Settings
      • PoE
      • EEE
    • L2 Features
      • Link Aggregtion
      • STP
      • MAC Address Table
      • LLDP
      • IGMP Snooping
      • MLD Snooping
      • Jumbo Frame
    • VLAN
      • 802.1Q
      • PVID
      • Voice VLAN
    • Management
      • System Information
      • User Management
      • Dual Image
      • SNMP
    • ACL
      • MAC ACL
      • MAC ACE
      • IPv4 ACL
      • IPv4 ACE
      • IPv6 ACL
      • IPv6 ACE
      • ACL Binding
    • QoS
      • Global Settings
      • CoS Mapping
      • DSCP Mapping
      • Port Settings
      • Bandwidth Control
      • Storm Control
    • Security
      • 802.1x
      • Radius Server
      • Access
      • Port Security
      • Port Isolation
      • DoS
    • Monitoring
      • Port Statistics
      • RMON
      • Log
    • Diagnostics
      • Cable Diagnostics
      • Ping Test
      • IPv6 Ping Test
      • Trace Route
    • Maintenance
      • Configuration Manager
      • Firmware Upgrade
  • Appendix
    • Appendix A
    • Appendix B
    • Appendix C
Powered by GitBook
On this page

Was this helpful?

Export as PDF
  1. Ethernet Switch Features

ACL

An Access Control List (ACL) allows you to define classification rules or establish criteria to provide security to your network by blocking unauthorized users and allowing authorized users to access specific areas or resources. ACLs can provide basic security for access to the network by controlling whether packets are forwarded or blocked at the switch ports. Access Control Lists (ACLs) are filters that allow you to classify data packets according to content in the packet header, such as the source address, destination address, source port number, destination port number, and more. Packet classifiers identify flows for more efficient processing. Each filter defines the conditions that must match for inclusion in the filter. ACLs (Access Control Lists) provide packet filtering for IP frames (based on the protocol, TCP/UDP port number or frame type) or layer 2 frames (based on any destination MAC address for unicast, broadcast, or multicast, or based on VLAN ID or VLAN tag priority). ACLs can be used to improve performance by blocking unnecessary network traffic or to implement security controls by restricting access to specific network resources or protocols. Policies can be used to differentiate service for client ports, server ports, network ports, or guest ports. They can also be used to strictly control network traffic by only allowing incoming frames that match the source MAC and source IP address on a specific port. ACLs are composed of Access Control Entries (ACEs), which are rules that determine traffic classifications. Each ACE is a considered a single rule, and up to 256 rules may be defined on each ACL, with up to 3000 rules globally. ACLs are used to provide traffic flow control, restrict contents of routing updates, and determine which types of traffic are forwarded or blocked. This criterion can be specified based on the MAC address or IP address.

PreviousSNMPNextMAC ACL

Last updated 4 years ago

Was this helpful?