Filter
Top Products
6-57
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 6 Managing Policy Objects
Creating Access Control List Objects
• Understanding Access Rule Address Requirements and How Rules Are Deployed, page 16-5
• Understanding Networks/Hosts Objects, page 6-74
• Understanding and Specifying Services and Service and Port List Objects, page 6-86
• Filtering Items in Selectors, page 1-42
Field Reference
Table 6-21 Add and Edit Extended Access Control Entry Dialog Boxes
Element Description
Type The type of entry you are adding. The fields on the dialog box change
based on your selection.
• Access Control Entry—You want to define an ACE.
• ACL Objects—You want to include an existing ACL object. You
are presented with a list of available ACL objects. Select the
objects you want to include and click the >> button to move them
to the list of selected objects. You can remove an object by
selecting it and clicking <<. You can also edit objects in the
selected objects list.
Action The action to take on traffic defined in the entry:
• Permit—The service associated with this ACL is applied to this
traffic. That is, the traffic is permitted to use the service.
• Deny—The service associated with this ACL is not applied to this
traffic. If there are multiple ACLs configured for a service, denied
traffic is typically compared to the next ACL in the list; if it
matches no permit entry in any ACL for the service, the service is
not applied to the traffic. Whether the traffic is dropped from the
network depends on the service.
Category The category assigned to the object. Categories help you organize and
identify rules and objects. See Using Category Objects, page 6-12.