Using acl assistant, Using the acl resource list, Using the rule set list – H3C Technologies H3C Intelligent Management Center User Manual

10

•

ACL resources, once created, can then be deployed to devices managed by IMC that support ACLs.

Using ACL Assistant

The ACL Assistant facilitates ACL template rule creation by modularizing some of the configuration
components of an ACL rule, including services, network addresses, and time ranges.

•

With services, operators can define one or more TCP or UDP ports as a named service.

•

With net address groups, operators can specify an IP address or range of IP addresses and their
subnet mask.

•

With time ranges, operators specify fixed or recurring date and time ranges.

Once these are created, the services, net address groups, and time range groups become available for

use when configuring rules for templates.
ACL Manager also offers administrators and operators a feature set for simplifying the task of managing
ACLs and their rule sets.

Using the ACL Resource List

The ACL Resource List provides a single portal for viewing and managing all of the ACLs that can be

deployed to network devices. Use this portal to view, add, rename, and delete ACLs.

Using the Rule Set List

Navigate to the Rule Set List for managing every aspect of a rule set for a given ACL.

•

View information for every rule in a set.

•

Take action on all of the existing rules in the list, including:

{

Add

{

Modify

{

Copy

{

Deploy

{

Delete

From the Rule Set List, operators can also import the contents of a template into a new rule set of an

existing ACL.
ACL Manager provides two key features for managing the effect on network performance that an ACL

can have:

•

Redefine or sort manually the order of appearance of rules in a rule set, which can be crucial to its
effectiveness when the rule set's match order is based on the order of rule appearance.

•

Use the Optimize feature for evaluating the effect of rules on network performance as well as
making and implementing recommendations for reducing the effect of ACLs on network

performance.

ACL Manager also simplifies and streamlines the process for managing ACLs on devices. With ACL

Manager, operators have a single portal for viewing and managing the ACL configurations on all

devices that support ACLs. ACL Manager also provides operators with a single portal for managing ACL

configurations for the selected device. From this portal, operators can view, synchronize, and refresh the

ACL configuration data for the device as well as modify the ACL configuration polling interval. Options
are also provided for managing ACL device configurations, including adding and deleting ACL

definitions, exporting ACL text files, and applying ACLs as packet filters or VLAN filters to one or more

interfaces on the device.