Copyright © TIBCO Software Inc. All Rights Reserved
Copyright © TIBCO Software Inc. All Rights Reserved


Chapter 5 Access Control List : Client Connection

Client Connection
The first layer of access control determines which clients may connect to a TIBCO Messaging Appliance P-7500.
Default Action and Exceptions
To control client connections to a P-7500, you can configure two aspects—the default behavior and exceptions.
Default Action
You can set the default action either to allow connections from all clients, or to disallow connections from all clients.
If the default action is to allow connections from all clients, then any exceptions specify clients that are expressly disallowed.
Conversely, if the default action is to disallow connections from all clients, then any exceptions specify clients that are expressly allowed.
Exceptions
The client connection rule can include zero or more exceptions to its default action.
You must specify each exception as a CIDR address. Notice that CIDR addresses can specify the IP address of an individual computer, a small subnet, or even a large network—-depending upon the number bits in the network mask portion of the address.
Example 1 ACL Client CIDR Addresses
 
Initial Configuration
When you first enable the ACL feature, the default action is to allow all connections, with no exceptions.
You may change the default action. You may add exceptions.
Enforcement
P-7500 enforces ACL connection controls whenever a client attempts to connect.
After a client is already connected to a P-7500, changing either aspect of the ACL configuration to disallow that client does not have any effect; all connected clients remain connected.

Copyright © TIBCO Software Inc. All Rights Reserved
Copyright © TIBCO Software Inc. All Rights Reserved