The access profile logging feature allows you to use an ACL policy file or dynamic ACL rules to control access to SSH2 services on the switch.
When access profile logging is enabled for SSH2, the switch logs messages and increments counters when packets are denied access to SSH2. No messages are logged for permitted access.
You can manage SSH2 access using one (not both) of the following methods:
One advantage of ACL policy files is that you can copy the file and use it on other switches. One advantage to applying individual ACL rules is that you can enter the rules at the CLI command prompt, which can be easier than opening, editing, and saving a policy file.