SunScreen SKIP User's Guide, Release 1.5.1

Access Control

Use access control on your network to limit and control who uses your host systems and applications through your communications links. Each entity with which you communicate must be identified by name, IP address, or network so that access to your system is controlled. After access control is established, your computer can exchange encrypted or unencrypted data with the remote host.

The SKIP access control list (ACL) specifies whether remote hosts or networks are authorized to communicate with your computer. Each entry in your access control list identifies a specific host (by name or IP address) or network (by network number and subnet mask). You use SunScreen SKIP Access Manager to maintain your access control list.

SKIP's access control is based on the IP addresses of remote systems. When a system tries to connect to a host running SunScreen SKIP, the application searches for an ACL entry as follows:

  1. SKIP searches for an ACL entry for the remote host. If the entry exists, SKIP uses it to determine access permissions (which can be Clear Access, Encrypted Access, or No Access) and encryption information (if any).

  2. If an entry for the host does not exist, SKIP searches for an ACL entry for the network to which the remote host belongs. If the entry exists, SKIP uses it to determine access permission.

  3. If an entry for the host or the host's network does not exist, SKIP searches for an ACL entry called Default. If the entry exists, SKIP uses it to determine access permissions as well as encryption, authentication, and compression settings for communication with the remote host.

  4. If SKIP cannot find an ACL entry that pertains to the remote host or a Default ACL entry, it will not grant access.
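
The four-step search above can be modeled in a few lines. The following Python sketch is an added illustration, not SunScreen SKIP code: the ACL layout, the function name lookup, and the sample addresses are constructed for this example, host entries are given by IP address only, and choosing the most specific network when several match is an assumption the guide does not state.

```python
import ipaddress

# Constructed sample ACL (not from the guide). Host entries are single IP
# addresses; network entries are "network number/subnet mask".
SAMPLE_ACL = {
    "hosts": {"192.0.2.10": "Encrypted Access", "192.0.2.66": "No Access"},
    "networks": {"192.0.2.0/255.255.255.0": "Clear Access"},
    "default": None,  # no Default entry configured
}

def lookup(acl, remote_ip):
    """Return (entry_type, permission) for remote_ip using the host,
    network, Default, deny order described in the guide."""
    addr = ipaddress.ip_address(remote_ip)

    # Step 1: an entry for the remote host itself wins over everything else.
    for host, perm in acl["hosts"].items():
        if ipaddress.ip_address(host) == addr:
            return ("host", perm)

    # Step 2: an entry for the network the host belongs to.
    # Assumption: if several networks match, use the longest prefix.
    matches = []
    for net, perm in acl["networks"].items():
        network = ipaddress.ip_network(net)
        if addr in network:
            matches.append((network.prefixlen, perm))
    if matches:
        return ("network", max(matches)[1])

    # Step 3: the Default entry, if one is configured.
    if acl.get("default") is not None:
        return ("default", acl["default"])

    # Step 4: nothing matched, so access is not granted.
    return ("none", "No Access")

if __name__ == "__main__":
    for ip in ("192.0.2.10", "192.0.2.66", "192.0.2.200", "198.51.100.7"):
        print(ip, lookup(SAMPLE_ACL, ip))
```

In this model a host entry set to No Access blocks that host even though its network has Clear Access, and an address with no matching entry is refused only as long as no Default entry exists.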