Chapter 1 Controlling CSS Access
Controlling CSS Network Traffic Through Access Control Lists
1-12
Cisco Content Services Switch Security Configuration Guide
OL-5650-02
• restrict secure-xml - Disables the transfer of XML configuration files to the
CSS through secure HTTPS SSL connections (disabled by default).
• restrict xml - Disables the transfer of XML configuration files to the CSS
through unsecure HTTP connections (disabled by default).
• restrict web-mgmt - Disables web management access to the CSS (disabled
by default).
For example, to disable Telnet access, enter:
(config)# restrict telnet
Controlling CSS Network Traffic Through Access
Control Lists
The CSS provides traffic filtering capabilities with access control lists (ACLs).
ACLs filter inbound network traffic by controlling whether packets are forwarded
or blocked at the CSS interfaces. You can configure ACLs for routed network
protocols, filtering the protocol packets as the packets pass through the CSS.
The following sections describe how to configure an ACL:
• ACL Overview
• ACL Configuration Quick Start
• Creating an ACL
• Deleting an ACL
• Configuring Clauses
• Adding a Clause When ACLs are Globally Enabled
• Deleting a Clause
• Applying an ACL to a Circuit or DNS Queries
• Removing an ACL from Circuits or DNS Queries
• Enabling ACLs on the CSS
• Disabling ACLs on the CSS
• Showing ACLs
• Setting the Show ACL Counters to Zero
