Skip to main content

What is ACL? - Access-Lists


Access control list (ACL) is a list of permissions attached to an object. An ACL specifies which users or system processes are granted access to objects, as well as what operations are allowed on given objects or you can say for each rule we have two conditions and that is Permit or Deny.
What is ACL? - Access-Lists
Access List

Access-list (ACL) is a set of rules defined for controlling the network traffic and reducing network attack. ACLs are used to filter traffic based on the set of rules defined for the incoming or out going of the network.

Types of ACL:

  • Standard Access List:
  • Extended Access List:


Standard Access List-
These are the Access-list which are made using the source IP address only. These ACLs permit or deny the entire protocol suite. They don’t distinguish between the IP traffic such as TCP, UDP, Https etc. By using numbers 1-99 or 1300-1999, router will understand it as a standard ACL and the specified address as source IP address.

Extended Access List-
These are the ACL which uses both source and destination IP address. In these type of ACL, we can also mention which IP traffic should be allowed or denied. These use range 100-199 and 2000-2699.

There are two categories of Access List which is below:
Numbered access list-

The access list which cannot be deleted specifically once created i.e if we want to remove any rule from an Access-list then this is not permitted in the case of numbered access list. If we try to delete a rule from access list then the whole access list will be deleted. The numbered access list can be used with both standard and extended access list.
Named access list-
In these type an access list name is assigned to identify an access list. It is allowed to delete a named access list unlike numbered access list. Like numbered access list, these can be used with both standard and extended access list.


Features of Access List:
  1. The set of rules defined are matched serial wise, E.g. matching starts with the first line, then 2nd, then 3rd and so forth.
  2. Defined Packets are matched once and until it matches the given rule. Once a rule is matched then no further comparison takes place and that rule will be performed.
  3. There is an implicit deny at the end of every ACL, E.g., if no condition or rule matches then the packet will be discarded.
The access-list should be applied to inbound or outbound of the interface:

Inbound access lists – When an access list is applied on inbound packets of the interface then first the packets will processed according to the access list and then routed to the outbound interface.

Outbound access lists – When an access list is applied on outbound packets of the interface then first the packet will be routed and then processed at the outbound interface.

Advantage of Access List:
  • It Improve network performance.
  • It Provides an security as administrator can configure the access list according to the needs and deny the unwanted packets from entering the network.
  • ACL Provides control over the traffic as it can permit or deny according to the need of network.

Labels:

Comments

Post a Comment

Popular posts from this blog

How to Reset Steam Password? – Recover Your Steam Password

Are you suffering with Reset Steam Password? This blog will help you. What is Steam? Steam is the online website for getting the best games for paid. If you are a true game lover then you should have an active account on Steam. Many of people lost their password during the  PC clean-up  or any other circumstances. At that time they have to reset Password of all accounts. Then if you facing issues with the password, you forced to Steam reset password to access the Steam account. We are going to share the guide that how to recover your forgotten Steam Password and make your existing account ready. First of all, you should have enough knowledge about what is Steam and why Steam Account required? Why Steam Account Requires? Before jump into password recovery and Login details, let me clear about why Steam Account required? There are several benefits of this Steam Account from where you can easily download PC games as well as software. Though it will be p...
Post a Comment
Read more

What is STP? - Explain Advantages and Disadvantages

The Spanning Tree Protocol is a network protocol that builds a loop-free logical topology for Ethernet networks. The basic function of STP is to prevent bridge loops and the broadcast radiation that results from them. STP is a protocol. It actively monitors all links of the network. To finds a redundant link, it uses an algorithm, known as the STA (spanning-tree algorithm). The STA algorithm first creates a topology database then it finds and disables the redundant links. Once redundant links are disabled, only the STP-chosen links remain active. If a new link is added or an existing link is removed, the STP re-runs the STA algorithm and re-adjusts all links to reflect the change. STP (Spanning Tree Protocol) automatically removes layer 2 switching loops by shutting down the redundant links. A redundant link is an additional link between two switches. A redundant link is usually created for backup purposes. Just like every coin has two sides, a redundant link, along with...
5 comments
Read more