Getting Started
Applications for Access Control Lists (ACLs)
N o t e o n A C L
S e c u r i t y U s e
1-12
Applications for Access Control Lists
(ACLs)
Layer 3 IP filtering with Access Control Lists (ACLs) enables you to improve
network performance and restrict network use by creating policies for:
■
Switch Management Access: Permits or denies in-band management
access. This includes preventing the use of certain TCP or UDP applica
tions (such as Telnet, SSH, web browser, and SNMP) for transactions
between specific source and destination IP addresses.)
■
Application Access Security: Eliminating unwanted IP, TCP, or UDP
traffic in a path by filtering packets where they enter or leave the switch
on specific VLAN interfaces.
ACLs can filter traffic to or from a host, a group of hosts, or entire subnets.
ACLs can enhance network security by blocking selected IP traffic, and can
serve as one aspect of maintaining network security. However, because ACLs
do not provide user or device authentication, or protection from malicious
manipulation of data carried in IP packet transmissions, they should not
be relied upon for a complete security solution.
For information on how to apply ACLs in a network populated with ProCurve
switches that support the ACL feature, refer to the chapter titled "Access
Control Lists (ACLs)" in the Advanced Traffic Management Guide for your
switch.