Overview to ACL – Access Control List

2019-09-23
Posted by spoto
Cisco

Access control lists, their function, and their proper implementation are covered in Cisco exams, but the concepts and deployment strategies are also covered in certifications such as Security+ and CISSP. Here we investigate and define the different types of access control lists and examine some deployment concepts, especially the “why” and the “when” of using them. The focus is on implementation on Cisco routers, specific designs for permitting and denying services, and a venture into the world of firewalls. Before we talk about the Access Control List, you should consider joining the SPOTO Club to gain a better understanding of the topic.

What are Access Control Lists?

Access Control Lists are network filters used by routers and some switches to permit and restrict data flows into and out of network interfaces. When an Access Control List is configured on an interface, the network device analyzes data passing through the interface, compares it to the criteria described in the Access Control List, and either permits the data to flow or prohibits it.

Why Do We Use Access Control Lists?

There are a variety of reasons to use Access Control Lists. The primary reason is to provide a basic level of security for the network. Access Control Lists are not as complex or as deep in their protection as stateful firewalls, but they do provide protection on higher-speed interfaces where line-rate speed is important and firewalls may be restrictive. Access Control Lists are also used to restrict routing updates from network peers and can be instrumental in defining flow control for network traffic.

When do we use Access Control Lists?

As I mentioned before, Access Control Lists for routers are not as complex or robust as stateful firewalls, but they offer a significant amount of firewall capability. For an IT network or security professional, placement of defenses is critical to protecting the network, its assets, and data. Access Control Lists should be placed on external routers to filter traffic against less desirable networks and known vulnerable protocols.

One of the most common methods in this case is to set up a DMZ, or demilitarized buffer zone, in your network. This architecture is normally implemented with two separate network devices.

What Does an Access Control List Consist Of?

Regardless of which routing platform you use, all have a similar profile for defining an access control list. More advanced lists offer more distinct control, but the general components are listed below:

  • An access control list name, whose form depends on the router. It can be numeric or a combination of letters and numbers.
  • A term name or sequence number for each entry
  • A statement of denial or permission for that entry
  • A network protocol and its associated function or ports
    • Examples include IP, IPX, ICMP, TCP, UDP, NETBIOS and many others
  • Destination and source targets
    • These are typically addresses and can be defined as a single discrete address, a range or subnet, or all addresses
  • Additional flags or identifiers
    • These additional statements request additional functions when a match is found for the statement. The flags vary for each protocol, but a common flag added to statements is the log feature, which records any match to the statement in the router log.
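
The components listed above, shown as an added example (not code from the article): a small Python model that parses entries written in Cisco IOS extended-ACL style into those fields and evaluates packets against them in sequence order. The ACL name, entries and addresses are constructed; the implicit deny at the end of the list is standard Cisco behaviour that the article does not mention.

```python
import ipaddress
from collections import namedtuple

# Constructed sample (not from the article): entries as they would appear under
# "ip access-list extended EDGE-IN" on a Cisco router; the name is made up.
ACL_TEXT = """\
10 deny ip 10.0.0.0 0.255.255.255 any log
20 permit tcp any host 192.0.2.10 eq 443
30 permit icmp any any
"""

# One field per component in the list above; src/dst are (address, wildcard) ints.
Entry = namedtuple("Entry", "seq action proto src dst port log")

def ip_int(text):
    return int(ipaddress.IPv4Address(text))

def take_addr(tokens):
    """Consume one address spec: 'any', 'host A', or 'A WILDCARD'."""
    first = tokens.pop(0)
    if first == "any":
        return (0, 0xFFFFFFFF)
    if first == "host":
        return (ip_int(tokens.pop(0)), 0)
    return (ip_int(first), ip_int(tokens.pop(0)))

def parse(text):
    entries = []
    for line in filter(None, map(str.split, text.splitlines())):
        seq, action, proto = int(line.pop(0)), line.pop(0), line.pop(0)
        src, dst = take_addr(line), take_addr(line)
        port = int(line[1]) if line[:1] == ["eq"] else None  # destination port
        entries.append(Entry(seq, action, proto, src, dst, port, "log" in line))
    return sorted(entries, key=lambda e: e.seq)

def matches(spec, ip):
    addr, wild = spec
    care = ~wild & 0xFFFFFFFF  # wildcard bits set to 1 mean "ignore this bit"
    return (ip_int(ip) & care) == (addr & care)

def evaluate(entries, proto, src, dst, dport=None):
    """First matching entry wins; returns (action, sequence number, log flag)."""
    for e in entries:
        if (e.proto in ("ip", proto) and matches(e.src, src)
                and matches(e.dst, dst) and e.port in (None, dport)):
            return (e.action, e.seq, e.log)
    return ("deny", None, False)  # implicit deny: nothing matched
```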

If you would like more details about Access Control Lists, you can find them in the courses offered at the SPOTO Club.
