User Manual
Table Of Contents
- FS728TP Smart Switch
- Table of Contents
- 1. Getting Started
- Getting Started with the FS728TP Smart Switch
- Switch Management Interface
- Connecting the Switch to the Network
- Switch Discovery in a Network with a DHCP Server
- Switch Discovery in a Network without a DHCP Server
- Configuring the Network Settings on the Administrative System
- Web Access
- Smart Control Center Utilities
- Understanding the User Interfaces
- Interface Naming Convention
- 2. Configuring System Information
- 3. Configuring Switching Information
- 4. Configuring Quality of Service
- 5. Managing Device Security
- 6. Monitoring the System
- 7. Maintenance
- 8. Help
- A. Hardware Specifications and Default Values
- B. Configuration Examples
- C. Notification of Compliance
- Index
174 | Chapter 5: Managing Device Security
FS728TP Smart Switch Software Administration Manual
Configuring Access Control Lists
Access Control Lists (ACLs) ensure that only authorized users have access to specific
resources while blocking off any unwarranted attempts to reach network resources. ACLs are
used to provide traffic flow control, restrict contents of routing updates, decide which types of
traffic are forwarded or blocked, and above all provide security for the network. FS728TP
Smart Switch software supports IPv4 and MAC ACLs.
Note: The FS728TP Smart Switch does not support mixed ACLs on same
interface. In other words, you can bind MAC ACLs or IP ACLs to an
interface, but you cannot bind both ACL types to an interface.
To configure an ACL, first create an IPv4-based or MAC-based ACL ID. Then, create a rule
and assign it to a unique ACL ID. Next, define the rules, which can identify protocols, source,
and destination IP and MAC addresses, and other packet-matching criteria. Finally, use the
ID number to assign the ACL to a port or to a LAG.
The Security ACL folder contains links to the following features:
• Basic:
• MAC ACL on page 174
• MAC Rules on page 175
• MAC Binding Configuration on page 177
• MAC Binding Table on page 178
• Advanced:
• IP ACL on page 179
• IP Rules on page 181
• IP Extended Rule on page 182
• IP Binding Configuration on page 185
• IP Binding Table on page 187
MAC ACL
A MAC ACL consists of a set of rules which are matched sequentially against a packet. When
a packet meets the match criteria of a rule, the specified rule action (Permit/Deny) is taken
and the additional rules are not checked for a match.
There are multiple steps involved in defining a MAC ACL and applying it to the switch:
1. Use the MAC ACL page to create the ACL ID.
2. Use the MAC Rules page to create rules for the ACL.
3. Use the MAC Binding Configuration page to assign the ACL by its ID number to a port.