Ingress ACLs support Flow-based Mirroring and ACL Logging, which have the following characteristics:

Flow-based mirroring is the ability to mirror traffic that matches a permit rule to a specific physical port or LAG. Flow-based mirroring is similar to the redirect function, except that in flow-based mirroring a copy of the permitted traffic is delivered to the mirror interface while the packet itself is forwarded normally through the device. You cannot configure a given ACL rule with both mirror and redirect attributes.

ACL Logging provides a means for counting the number of “hits” against an ACL rule. When you configure ACL Logging, you augment the ACL deny rule specification with a "log" parameter that enables hardware hit count collection and reporting. The switch uses a fixed five-minute logging interval, at the end of which trap log entries are written for each ACL logging rule that accumulated a non-zero hit count during that interval. You cannot configure the logging interval.

Using ACLs to mirror traffic is called flow-based mirroring since the traffic flow is defined by the ACL classification rules. This is in contrast to port mirroring, where all traffic encountered on a specific interface is replicated on another interface.

You can set up ACLs to control traffic at Layer 2, Layer 3, or Layer 4. MAC ACLs operate on Layer 2. IP ACLs operate on Layers 3 and 4.

Limitations

The following limitations apply to ingress and egress ACLs.

Maximum of 100 ACLs.

Maximum rules per ACL is 127.

You can configure mirror or redirect attributes for a given ACL rule, but not both.

The PowerConnect 6200 Series switch supports a limited number of counter resources, so it may not be possible to log every ACL rule. You can define an ACL with any number of logging rules, but the number of rules that are actually logged cannot be determined until the ACL is applied to an interface. Furthermore, hardware counters that become available after an ACL is applied are not retroactively assigned to rules that were unable to be logged (the ACL must be un-applied then re-applied). Rules that are unable to be logged are still active in the ACL for purposes of permitting or denying a matching packet.

The order of the rules is important: when a packet matches multiple rules, the first rule takes precedence. Also, once you define an ACL for a given port, all traffic not specifically permitted by the ACL is denied access.

NOTE: Although the maximum number of ACLs is 100, and the maximum number of rules per ACL is 127, the system cannot support 100 ACLs that each have 127 rules.
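
The rule-order and attribute limitations above can be checked before an ACL is applied. The following is an added example, not code from the Dell manual or the switch firmware: a small Python model of first-match evaluation with the implicit deny, plus a lint pass that flags rules hidden behind an earlier rule and rules carrying both mirror and redirect. The `Rule` fields, port labels and addresses are constructed for illustration and are not switch CLI syntax.

```python
import ipaddress
from dataclasses import dataclass

MAX_RULES = 127  # per-ACL rule limit stated on this page
net = ipaddress.ip_network

@dataclass
class Rule:
    action: str          # "permit" or "deny"
    src: str             # source prefix
    dst: str             # destination prefix
    log: bool = False    # count hits for the periodic report
    mirror: str = ""     # port label (constructed, not switch syntax)
    redirect: str = ""   # port label (constructed, not switch syntax)
    hits: int = 0

def evaluate(rules, src_ip, dst_ip):
    """First matching rule wins; no match at all is the implicit deny."""
    for rule in rules:
        if (ipaddress.ip_address(src_ip) in net(rule.src)
                and ipaddress.ip_address(dst_ip) in net(rule.dst)):
            rule.hits += rule.log
            return rule.action
    return "deny"

def lint(rules):
    """Return (rule_number, problem) pairs for the constraints on this page."""
    problems = [(0, "more than 127 rules")] if len(rules) > MAX_RULES else []
    for i, rule in enumerate(rules):
        if rule.mirror and rule.redirect:
            problems.append((i + 1, "mirror and redirect on the same rule"))
        for j, earlier in enumerate(rules[:i]):
            if (net(rule.src).subnet_of(net(earlier.src))
                    and net(rule.dst).subnet_of(net(earlier.dst))):
                problems.append((i + 1, f"shadowed by rule {j + 1}"))
                break
    return problems

def interval_report(rules):
    """Logging rules with a non-zero hit count for the interval."""
    return [(i + 1, r.hits) for i, r in enumerate(rules) if r.log and r.hits]

# Constructed sample ACL (addresses and port labels are made up)
ACL = [
    Rule("permit", "10.1.0.0/16", "0.0.0.0/0", mirror="port-A"),
    Rule("deny", "10.1.5.0/24", "0.0.0.0/0", log=True),  # shadowed by rule 1
    Rule("deny", "192.168.0.0/16", "0.0.0.0/0", log=True),
    Rule("permit", "172.16.0.0/12", "10.9.0.0/16", mirror="port-A", redirect="port-B"),
]
```

In the sample, the deny for 10.1.5.0/24 never takes effect because the broader permit precedes it, so its log counter stays at zero and it would never appear in an interval report.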


Device Security
