Access Control List In Networking (ACL)
ACL is a set of rules defined for controlling the network traffic and
reducing network attack.
ACLs are used to filter traffic based on the set of rules defined for
the incoming or outgoing of the network.
It is used to filter traffic by using permit (to allow) and deny (to
block) statement.
TWO TYPES OF ACLs ARE:
Standard access-list:
1. Standard Access-list is generally applied close to
destination (but not always).
2. It uses the range 1-99 and extended range 1300-
1999.
3. It is implemented using the source IP address only.
4. It can filter traffic by using a host or a network.
Note – Standard Access-list are less used as compared to extended
access-list as the entire IP protocol suite will be allowed or denied for
the traffic as it can’t distinguish between the different IP protocol traffic.
Configuration:
R1# config terminal
R1(config)# access-list 10 deny 172.16.40.0 0.0.0.255
R1(config)# access-list 110 permit ip any any
Extended Access control List:
It is one of the types of Access-list which is mostly used as it can
distinguish IP traffic therefore the whole traffic will not be
permitted or denied like in the standard access list. These are the
ACL which uses both source and destination IP address and also
the port numbers to distinguish IP traffic.
Features:
1. Extended access-list is generally applied close to the source but
not always.
2. In the Extended access list, packet filtering takes place on the basis
of source IP address, destination IP address, port numbers.
3. In extended access-list, particular services will be permitted or
denied.
4. Extended ACL is created from 100 – 199 & amp; extended range
2000 – 2699.
TYPES OF FIREWALL
Stateless Firewall: They are capable of monitoring and
detecting states of all traffic on a network to track and defend
based on traffic patterns and flows.
Stateful Firewall: only focus on individual packets, using
present rules to filter traffic.
Submitted by-
Manisha Yadav