Adding and editing access control lists - BlueCat Integrity - 9.3.0

Address Manager Administration Guide

Product name
BlueCat Integrity

How to create or edit access control lists (ACLs) in Address Manager.

To add or edit a DNS Access Control List:

  1. From the configuration drop-down menu, select a configuration.
  2. Select the DNS tab. Tabs remember the page you last worked on, so select the tab again to ensure you're on the Configuration information page.
  3. Under ACLs, click New.
    If editing a DNS ACL, click the name of the DNS ACL. From the Details page, click the name of the DNS ACL and select Edit.
  4. Under General, set the following parameters:
    • Name—enter a name for the Access Control Lists to be added.
    • Match List—select a type of match list.
      • IP Address/Network—select this match type to create a DNS ACL using single or multiple IPv4 and IPv6 addresses, and CIDR addresses.
      • TSIG key—select this match type to create a TSIG-based ACL. For example, you can restrict zone transfer access to a set of remote non-BlueCat servers that will be acting as secondary servers.
      • ACL—select this match type to create a nested ACL. Instead of creating a new ACL with all the information, you can also create an ACL that references the other ACLs already created and in use. When you select the ACL type, the following four pre-defined ACLs will be populated:
        • All—creates a new ACL list that matches all hosts.
        • None—creates a new ACL list that doesn't match any hosts.
        • Localhost—creates a new ACL that matches all the IP addresses of your active DNS server.
        • Localnetworks—creates a new ACL that matches all the IP address and subnet masks of your active DNS server.
    • Data—this field will only be available when the IP Address/Network type is selected in the Match List drop-down menu. Enter the IPv4 or IPv6 address/network.
    • Exclusion—select the check box to add an exclusion to a DNS ACL. For example, if an exclusion is added for a specific client’s IP address, the client will be excluded from the ACL.

    Click Add to add ACL match statements to the list. To adjust the position of the match statements in the list, select the statement and click Move Up and Move Down to move it up or down in the list.

  5. Under Change Control, add comments, if required.
  6. Click Add.