Novell ZENWORKS ENDPOINT SECURITY MANAGEMENT 3.5 - ADMINISTRATION Administration Manual page 135


MAC - This type limits the address to 12 characters, containing only the numbers 0-9
and the letters A-F (upper and lower case), separated by colons (example:
00:01:02:34:05:B6).
5 Select the ACL Behavior drop-down box and determine whether the ACLs listed should be
Trusted (always allowed, even if all TCP/UDP ports are closed) or Non-Trusted (access is blocked).
6 If Trusted, select the Optional Trusted Ports (TCP/UDP) this ACL will use. These ports will
permit all ACL traffic, while other TCP/UDP ports will maintain their current settings.
Selecting ‹None› means any port may be used by this ACL.
7 Click Save. Repeat the above steps to create a new setting.
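
The behavior described in steps 5 and 6, modeled as an added Python example that is not from the manual or from the product's code. The names MacAcl, decide and unrestricted_trusted are hypothetical, and letting an address that matches no ACL fall back to the port's current state is an assumption.

```python
import re

# Manual's MAC format: 12 hex digits (0-9, A-F, either case) as six colon-separated pairs.
MAC_RE = re.compile(r"(?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}")

def normalize_mac(text):
    """Return the address in upper case; reject anything outside the manual's format."""
    if not MAC_RE.fullmatch(text):
        raise ValueError(f"not a colon-separated 12-hex-digit MAC: {text!r}")
    return text.upper()

class MacAcl:
    """Hypothetical model of one MAC-type ACL (not the product's data structure)."""
    def __init__(self, name, macs, trusted, trusted_ports=None):
        self.name = name
        self.macs = {normalize_mac(m) for m in macs}
        self.trusted = trusted
        # None models the <None> selection: any port may be used by this ACL.
        self.trusted_ports = None if trusted_ports is None else frozenset(trusted_ports)

def decide(acl, peer_mac, port, port_open):
    """Return 'allow' or 'block'; port_open is the port's current firewall state."""
    current = "allow" if port_open else "block"
    if normalize_mac(peer_mac) not in acl.macs:
        return current              # assumption: ACL does not apply, port state decides
    if not acl.trusted:
        return "block"              # Non-Trusted: block access
    if acl.trusted_ports is None or port in acl.trusted_ports:
        return "allow"              # Trusted: allowed even if the port is closed
    return current                  # other ports maintain their current settings

def unrestricted_trusted(acls):
    """Review helper: names of Trusted ACLs left at <None>, i.e. open on every port."""
    return [a.name for a in acls if a.trusted and a.trusted_ports is None]

# Constructed sample ACLs (names and ports are made up; first address is the manual's example).
SAMPLE = [
    MacAcl("print-server", ["00:01:02:34:05:B6"], trusted=True, trusted_ports={515, 631}),
    MacAcl("mgmt-host", ["00:01:02:34:05:b7"], trusted=True),
    MacAcl("kiosk", ["00:01:02:34:05:B8"], trusted=False),
]

if __name__ == "__main__":
    for acl in SAMPLE:
        mac = next(iter(acl.macs))
        print(acl.name, {p: decide(acl, mac, p, port_open=False) for p in (22, 631)})
    print("trusted on all ports:", unrestricted_trusted(SAMPLE))
```

The review helper lists the Trusted ACLs that were saved without a port selection, which are the entries worth a second look before a policy is published.
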

To associate an existing ACL/Macro with this firewall setting:
1 Select Access Control List from the component tree and click the Associate Component button.
2 Select the ACL(s)/Macro(s) from the list.
3 The ACL behavior settings may be re-defined. However, changing the settings in a shared
component will affect ALL OTHER instances of this same component. Use the Show Usage
command to view all other policies associated with this component.
4 Click Save.

Network Address Macros List
The following is a list of special Access Control macros. These can be associated individually as
part of an ACL in a firewall setting.

Table 6-1 Network Address Macros

| Macro | Description |
|---|---|
| [Arp] | Allow ARP (Address Resolution Protocol) packets. The term Address Resolution refers to the process of finding an address of a computer in a network. The address is resolved using a protocol in which a piece of information is sent by a client process executing on the local computer to a server process executing on a remote computer. The information received by the server allows the server to uniquely identify the network system for which the address was required and therefore to provide the required address. The address resolution procedure is completed when the client receives a response from the server containing the required address. |
| [Icmp] | Allow ICMP (Internet Control Message Protocol) packets. ICMPs are used by routers, intermediary devices, or hosts to communicate updates or error information to other routers, intermediary devices, or hosts. ICMP messages are sent in several situations: for example, when a datagram cannot reach its destination, when the gateway does not have the buffering capacity to forward a datagram, and when the gateway can direct the host to send traffic on a shorter route. |
| [IpMulticast] | Allow IP Multicast packets. Multicast is a bandwidth-conserving technology that reduces traffic by simultaneously delivering a single stream of information to thousands of corporate recipients and homes. Applications that take advantage of multicast include videoconferencing, corporate communications, distance learning, and distribution of software, stock quotes, and news. Multicast packets may be distributed using either IP or Ethernet addresses. |

Creating and Distributing Security Policies 135
