Difference between port isolation and ACLs on S series switches

For S series switches (except S1700 switches):
The port isolation function isolates interfaces in a VLAN, providing secure and flexible networking solutions.
To implement Layer 2 isolation between interfaces, you can add each interface to a different VLAN. This method, however, wastes VLAN resources. Port isolation can isolate interfaces in the same VLAN, and a port isolation group can effectively implement Layer 2 isolation between these interfaces. It provides secure and flexible networking solutions.
An ACL is a packet filter that filters packets based on rules. A switch with an ACL configured matches packets based on the rules to obtain the packets of a certain type, and then decides to forward or discard these packets according to the policies used by the service module to which the ACL is applied.
For example, after an ACL is applied to a traffic policy or simplified traffic policy, access rights of the users on different network segments are restricted, preventing security risks caused by uncontrolled mutual access between different network segments.

Scroll to top