Access Control Lists: ACLs

Use the Security > Access Control Lists > ACLs options to compile and manage the rules that define inbound and outbound access for network hosts and services.

Each ACL consists of one or more access control entries (ACEs). You need to complete the following tasks to configure ACLs:

  1. Configure entries for each network and host requiring an ACL.
  2. Configure entries for any network services requiring an ACL.
  3. Create an ACL.

This section includes the following topics:

Adding an ACL

Procedure 

  1. Log in to System Manager.
  2. Go to Security > Access Control Lists > ACLs.
  3. Click Add to open the Add ACL window.
  4. Complete the form with the following information:

    • Name: Enter a name to use to identify this ACL.
    • Description: Enter additional text to provide supporting information about this ACL.
  5. Click Submit to enable the lower portion of the window and continue.
  6. Click Add to add an access control entry (ACE) to the ACL.
    Each ACE consists of a combination of the network hosts and services you configured for use in ACLs.
  7. Modify one or more of the fields, as necessary.
    Refer to Add ACL window for details.
  8. Click Apply > OK.

Add ACL window

The following table summarizes fields and descriptions in the Add ACL window:

Table 28. Add ACL Fields

    • Source Network: Select the network from which access will originate. This list is populated with the networks and hosts you created for use with ACLs. See “Access Control Lists: Networks and Hosts”.
    • Destination Network: Select the network being accessed. This list is populated with the networks and hosts you created for use with ACLs. See “Access Control Lists: Networks and Hosts”.
    • Service: Select the network service to which this entry permits or denies access. This list is populated with the services you created for use with ACLs. See “Access Control Lists: Network Services”.
    • Action: Select Permit or Deny from the drop-down list.
    • Connections Per Minute: Enter the number of connections to allow per minute.
    • Description: Enter text to describe the purpose of this entry.

Editing an ACL

Procedure 

  1. Log in to System Manager.
  2. Go to Security > Access Control Lists > ACLs.
  3. Complete one or more of the following modifications to the ACL:

    • Select an ACL and click Delete.
    • Click Add to add an ACL.
    • Select the ACL above the new ACL and click Insert.
  4. Click Apply > OK.

Copying an ACL

Procedure 

To start a new ACL based on an existing one:

  1. Log in to System Manager.
  2. Go to Security > Access Control Lists > ACLs.
  3. Select the ACL you want to copy.
  4. Click the Copy button.
  5. Enter a name for the new ACL.
  6. Click OK > OK.

Deleting an ACL

Procedure 

  1. Log in to System Manager.
  2. Go to Security > Access Control Lists > ACLs.
  3. Select one or more of the check boxes next to an ACL you want to delete.
  4. Click Delete > Yes.