Represents an Access Control List on the Device.

AccessLists are represented in the model by two distinct flavors, each having a different type of rule. Cisco style access lists have rules of type AclExtendedRule (which allow only one source and destination address per rule); Juniper, PIX, and some other devices have access lists that use rules of type AclGroupedRule (which allow multiple source or destination addresses per rule). When navigating through data you can largely ignore this distinction; however when writing a Query you will have to specify AclGroupedRule or AclExtendedRule.


Reflexive Access Lists are not modeled at this time, and will generate non-fatal validation errors if encountered.