Alphabetical Glossary Of Terms - FibroLAN Falcon Gen-3 M-Class User Manual

Falcon M-Class | User Guide
8.2

Alphabetical Glossary of Terms

ACE
ACE is an acronym for Access Control Entry. It describes access
permission associated with a particular ACE ID.
There are three ACE frame types (
actions (permit and deny). The ACE also contains many detailed, different parameter
options that are available for individual application.
ACL
ACL is an acronym for Access Control List. It is the list table of ACEs,
containing access control entries that specify individual users or groups
permitted or denied to specific traffic objects, such as a process or a
program.
Each accessible traffic object contains an identifier to its ACL. The privileges determine
whether there are specific traffic object access rights.
ACL implementations can be quite complex, for example, when the ACEs are prioritized
for the various situation. In networking, the ACL refers to a list of service ports or
network services that are available on a host or server, each with a list of hosts or
servers permitted or denied to use the service. ACL can generally be configured to control
inbound traffic, and in this context, they are similar to firewalls.
There are 3 web-pages associated with the manual ACL configuration:
ACL|Access Control List: The web page shows the ACEs in a
prioritized way, highest (top) to lowest (bottom). Default the table is
empty. An ingress frame will only get a hit on one ACE even though
there are more matching ACEs. The first matching ACE will take action
(permit/deny) on that frame and a counter associated with that ACE is
incremented. An ACE can be associated with a Policy, 1 ingress port, or
any ingress port (the whole switch). If an ACE Policy is created then that
Policy can be associated with a group of ports under the "Ports" web-
page. There are number of Parameters that can be configured with an
ACE. Read the Web page help text to get further information for each of
them. The maximum number of ACEs is 64.
ACL|Ports: The ACL Ports configuration is used to assign a Policy ID to
an ingress port. This is useful to group ports to obey the same traffic
rules. Traffic Policy is created under the "Access Control List" - page. You
can you also set up specific traffic properties (Action / Rate Limiter / Port
copy, etc) for each ingress port. They will though only apply if the frame
gets past the ACE matching without getting matched. In that case a
counter associated with that port is incremented. See the Web page help
text for each specific port property.
ACL|Rate Limiters: Under this page you can configure the rate limiters.
Ethernet Type ARP
,
453
, and IPv4) and two ACE