Installation guide

CHAPTER

12-1

Device Manager Guide, Cisco ACE 4700 Series Application Control Engine Appliance

OL-26645-02

Configuring Traffic Policies

This chapter describes how to configure traffic policies. ACE Appliance Device Manager helps you

configure class maps and policy maps to provide a global level of classification for filtering traffic

received by or passing through the ACE appliance. You create traffic policies and attach these policies

to one or more VLAN interfaces associated with the ACE appliance to apply feature-specific actions to

the matching traffic. The ACE appliance uses the individual traffic policies to implement functions such

as:

• Remote access using Secure Shell (SSH) or Telnet

• Server load balancing

• Network Address Translation (NAT)

• Optimization of HTTP traffic

• HTTP deep packet inspection, application protocol inspection, FTP command inspection, Skinny

Client Control Protocol (SCCP) deep packet inspection, or SIP inspection

• Secure Socket Layer (SSL) security services between a Web browser (the client) and the HTTP

connection (the server)

• TCP termination, normalization, and reuse

• IP normalization and fragment reassembly

Note When you use the ACE CLI to configure named objects (such as a real server, virtual server, parameter

map, class map, health probe, and so on), consider that the Device Manager (DM) supports object names

with an alphanumeric string of 1 to 64 characters, which can include the following special characters:

underscore (_), hyphen (-), dot (.), and asterisk (*). Spaces are not allowed.

If you use the ACE CLI to configure a named object with special characters that the DM does not

support, you may not be able to configure the ACE using DM.