Configuring Access Control Lists, ACL Overview – Dell POWEREDGE M1000E User Manual

20 Configuring Access Control Lists

This chapter describes how to configure Access Control Lists (ACLs), including IPv4, IPv6, and MAC ACLs. This chapter also describes how to configure time ranges that can be applied to any of the ACL types.

The topics covered in this chapter include:

ACL Overview
Configuring ACLs (Web)
Configuring ACLs (CLI)
ACL Configuration Examples

ACL Overview

An Access Control List (ACL) is a collection of permit and deny conditions, called rules, that provide security by blocking unauthorized users and allowing authorized users to access specific resources.

ACLs can also provide traffic flow control, restrict contents of routing updates, and decide which types of traffic are forwarded or blocked. ACLs can reside in a firewall router, a router connecting two internal networks, or a Layer 3 switch, such as a PowerConnect M6220/M6348/M8024/M8024-k switch.

The PowerConnect M6220, M6348, M8024, and M8024-k switches support ACL configuration in both the ingress and egress directions. Egress ACLs provide the capability to implement security rules on the egress flows (traffic leaving a port) rather than the ingress flows (traffic entering a port). Ingress and egress ACLs can be applied to any physical port, port-channel (LAG), or VLAN routing port.

Depending on whether an ingress or egress ACL is applied to a port, when the traffic enters (ingress) or leaves (egress) a port, the ACL compares the criteria configured in its rules, in order, to the fields in a packet or frame to check for matching conditions. The ACL forwards or blocks the traffic based on the rules.
