Acl - EnGenius EWS Series User Manual

ACL

An Access Control List (ACL) allows you to define classification rules or establish criteria to provide
security to your network by blocking unauthorized users and allowing authorized users to access specific
areas or resources. ACLs can provide basic security for access to the network by controlling whether
packets are forwarded or blocked at the Switch ports. Access Control Lists (ACLs) are filters that allow
you to classify data packets according to a particular content in the packet header, such as the source
address, destination address, source port number, destination port number, and more. Packet classifiers
identify flows for more efficient processing. Each filter defines the conditions that must match for
inclusion in the filter. ACLs (Access Control Lists) provide packet filtering for IP frames (based on the
protocol, TCP/UDP port number or frame type) or layer 2 frames (based on any destination MAC address
for unicast, broadcast, or multicast, or based on VLAN ID or VLAN tag priority). ACLs can be used to
improve performance by blocking unnecessary network traffic or to implement security controls by
restricting access to specific network resources or protocols. Policies can be used to differentiate service
for client ports, server ports, network ports, or guest ports. They can also be used to strictly control
network traffic by only allowing incoming frames that match the source MAC and source IP address on a
specific port. ACLs are composed of Access Control Entries (ACEs), which are rules that determine traffic
classifications. Each ACE is a considered as a single rule, and up to 256 rules may be defined on each ACL,
with up to 3000 rules globally. ACLs are used to provide traffic flow control, restrict contents of routing
updates, and determine which types of traffic are forwarded or blocked. This criterion can be specified
on a basis of the MAC address or IP address.
152