- Preview the list of ACEs in a named ACL, as described in Previewing ACEs in Named ACLs.
- Validate ACEs in a named ACL, as described in Validating Named ACLs.
- View a complete list of configured named ACLs, as described in Viewing Named ACLs.
- Modify information in a named ACL, as described in Modifying Named ACLs.
- Apply a named ACL to supported operations, as described in Applying Access Control to Operations.
- Delete a named ACL, as described in Deleting Named ACLs.
- Export and print the list of named ACLs.
- From the Administration tab, select the Named ACLs tab -> named_acl check box checkbox, and then click the Preview icon.
- In a separate browser window, Grid Manager displays the following information for each ACE in the named ACL:
- Entry: Displays one of the following: IPv4 or IPv6 address, IPv4 or IPv6 network, or TSIG key. Note that if the named ACL contains nested ACLs, all entries in the nested ACLs are displayed in a flat view. Grid Manager does not display the name of the nested ACL.
- Type: The access control type of the entry. This can be IPv4 Address, IPv6 Address, IPv4 Network, IPv6 Network, TSIG Key, or DNSone 2.x TSIG Key.
- Operation: Displays the access permission for the entry. This can be Allow or Deny.
- From the Administration tab, select the Named ACLs tab -> named_acl check box checkbox, and then click the Validate icon.
In the Add Named ACL wizard or Named ACL editor, click the Validate icon.
- Grid Manager validates all the ACEs in the named ACL and displays a system message at the top of the screen indicating whether all ACEs in the named ACL are valid or not, depending on the validation results. When the appliance detects conflicts or issues related to specific ACEs, it displays the results in a CSV file. You can save the file or open it. Grid Manager displays the following information in the file:
- Defined ACL: The name of the named ACL.
- Type of Issue: The type of issue found. This can be one of the following:
- Optimize: An ACE is a duplicate of a previous entry or an ACE configuration can be a subset of another entry. See optimized suggestions in the Issue field.
- Conflict: The same IP address or network has a conflicting permission. Re-configure the ACE based on your requirements.
- Warning: An ACE is a subset of a previously configured entry, but it has a conflicting permission.
- ACE A: The ACE that has a conflict or an optimized issue with ACE B.
- ACE B: The ACE that has a conflict or an optimized issue with ACE A.
- Issue: Detailed information and optimized suggestions about the conflict or issue.
- From the Administration tab, select the Named ACLs tab -> named_acl check box checkbox, and then click the Edit icon.
- The Named ACL editor provides the following tabs from which you can modify data:
- Genera Basic: You can modify data in this tab as described in Defining Named ACLs.
- Extensible Attributes: Add and delete extensible attributes that are associated with a specific named ACL. You can also modify the values of the extensible attributes. For information, see About Extensible Attributes.
- Permissions: This tab appears only if you belong to a superuser admin group. For information, see Managing Permissions.
- From the Administration tab, select the Named ACLs tab -> named_acl check box checkbox, and then click the Delete icon. You can select multiple named ACLs for deletion.
- In the Delete Confirmation dialog box, click Yes.