Chapter 12
Access Policies
Overview of Access Policies
This chapter describes access policies, and how they are created and
implemented on the switch.
Access policies are a generalized category of features that are applied
to route forwarding decisions. Access policies are used primarily for
security purposes, and, less often, for bandwidth management.
Access policies are formed by combining an "access profile" (for
example, a list of IP routes) with an "access method" (for example,
RIP).
Access policies can be similar in effect, but different in
implementation, to other methods of restricting traffic flows
associated with using the blackhole feature of the switch software's
Policy-Based QoS.
Many of the access policy capabilities are specific to the type of
routing protocol involved. For example, instead of having the
routing protocol advertise the presence of a subnet, but not allowing
traffic to be forwarded to it, you can configure the routing protocol
to prohibit the advertisement of the subnet. Leveraging the routing
protocol in this way gives your network better security, and results in
less mis-directed traffic.
12-1