Configuring Network Security

Creating and Implementing Access Control Lists (ACLs)

Access Control Lists (ACLs) allow you to configure basic traffic filtering for IP addresses and MAC addresses. The ACL controls if routed packets are forwarded or blocked on the network. The packet is examined by the switch and then determines if the packet is forwarded or dropped based on the criteria configured in the ACLs. nvOS supports Layer 2 (MAC) or Layer 3 (IP) ACLs.

ACL criteria can be based on source or destination addresses or the protocol type. nvOS supports UDP, TCP, IGMP, and IP protocols.

You can use ACLs to restrict contents of routing updates or provide traffic flow control. ACLs can allow one host to access part of your network and prevent another host from accessing the same area. You can also use ACLs to decide what types of traffic are forwarded or blocked.

If you need more background on ACLs and using them on your network, refer to the many networking resources available.

MAC ACLs