Configuring ACL Priority

Management of ACLs (Access Control Lists) is flexible, with configurable priority for dynamic ACLs. This includes ACLs inserted by internal and external applications, as well as those inserted using the CLI. Priority is assigned by a system of zones, and within each zone by numeric codes.

Zones are of two types: System Space and User Space.

To view both System Space and User Space zones, use the show access-list zone command.

The table Default Assignment and Priority of Applications, by Zone shows the priority of System Space zones and User Space zones, together with the default assignment and priority of applications within each zone.

Default Assignment and Priority of Applications, by Zone

| Zone/Default Application | Default Priority | Platform |
|---|---|---|
| SYSTEM SPACE ZONES | | |
| hal | 1 | |
| USER SPACE ZONES | | |
| DOS | 2 | |
| hal | 1 | All platforms |
| Dos | 2 | All platforms |
| SYSTEM | 3 | |
| Cli | 1 | All platforms |
| IpSecurity | 2 | All platforms |
| NetLogin | 6 | All platforms |
| SECURITY | 4 | |
| GenericXml (Allows configuration of one additional external application) | 4 | All platforms |
| SYSTEM SPACE ZONES | | |
| hal | 1 | |

Note

The priority of static ACLs is determined by the order they are configured, with the first rule configured having the highest priority.