Designing Access Controls

Finalize Security Policies

Often a resource is an entire subnet of servers. For example, you can place all financial databases in VLAN 5 and then create a “Financial Databases” resource that allows all traffic to the subnet associated with that VLAN.

You can list the server (resource) VLANs in your network in Table 3-82. If you need to create a more granular resource, such as a specific email server, fill in the information in Table 3-83.

Table 3-82. Resources by Entire VLAN

Resource | VLAN ID | Subnet Address

Table 3-83. Resources

Resource | IP Address | Protocol | Port or Ports

 

 
