411
APPENDIX B: GLOSSARY
A
ACE
ACE is an acronym for
A
ccess
C
ontrol
E
ntry. It describes access permission associated with a particular ACE ID.
There are three ACE frame types (
Ethernet Type
,
ARP
, and IPv4) and two ACE actions (permit and deny). The ACE also
contains many detailed, different parameter options that are available for individual application.
ACL
ACL is an acronym for
A
ccess
C
ontrol
L
ist. It is the list table of ACEs, containing access control entries that specify
individual users or groups permitted or denied to specific traffic objects, such as a process or a program.
Each accessible traffic object contains an identifier to its ACL. The privileges determine whether there are specific traffic
object access rights.
ACL implementations can be quite complex, for example, when the ACEs are prioritized for the various situation. In
networking, the ACL refers to a list of service ports or network services that are available on a host or server, each with a
list of hosts or servers permitted or denied to use the service. ACL can generally be configured to control inbound traffic,
and in this context, they are similar to firewalls.
There are 3 web-pages associated with the manual ACL configuration:
ACL|Access Control List
: The web page shows the ACEs in a prioritized way, highest (top) to lowest (bottom).
Default the table is empty. An ingress frame will only get a hit on one ACE even though there are more matching ACEs.
The first matching ACE will take action (permit/deny) on that frame and a counter associated with that ACE is
incremented. An ACE can be associated with a Policy, 1 ingress port, or any ingress port (the whole switch). If an ACE
Policy is created then that Policy can be associated with a group of ports under the "Ports" web-page. There are number
of parameters that can be configured with an ACE. Read the Web page help text to get further information for each of
them. The maximum number of ACEs is 64.
ACL|Ports
: The ACL Ports configuration is used to assign a Policy ID to an ingress port. This is useful to group ports to
obey the same traffic rules. Traffic Policy is created under the "Access Control List" - page. You can you also set up
specific traffic properties (Action / Rate Limiter / Port copy, etc) for each ingress port. They will though only apply if the
frame gets past the ACE matching without getting matched. In that case a counter associated with that port is
Summary of Contents for NS4750-24S-4T-4X
Page 1: ...NS4750 24S 4T 4X User Manual P N 1702826 REV 00 01 ISS 14JUL14 ...
Page 56: ...56 Figure 4 2 7 Privilege Levels Configuration Page Screenshot ...
Page 110: ...110 Figure 4 4 6 Mirror Configuration Page Screenshot ...
Page 117: ...117 Figure 4 5 4 LACP Port Configuration Page Screenshot ...
Page 174: ...174 Figure 4 7 10 MST1 MSTI Port Configuration Page Screenshot ...
Page 180: ...180 Figure 4 8 2 Multicast Flooding ...
Page 249: ...249 Figure 4 9 18 Voice VLAN Configuration Page Screenshot ...
Page 271: ...271 Counter Counts the number of frames that match this ACE ...
Page 281: ...281 Figure 4 11 4 Network Access Server Configuration Page Screenshot ...
Page 315: ...315 ...
Page 328: ...328 ...
Page 335: ...335 ...
Page 346: ...346 Figure 4 14 1 LLDP Configuration Page Screenshot ...
Page 350: ...350 Figure 4 14 2 LLDP MED Configuration Page Screenshot ...
Page 372: ...372 Figure 4 16 1 Loop Protection Configuration Page Screenshot ...