What Is an Access Control List?
An access control list (ACL) is an access control technology based on packet filtering. It filters the packets on an interface according to configured conditions and either allows them to pass or drops them. ACLs are widely used in routers and Layer 3 switches. With the help of ACLs, users can effectively control access to the network, thereby ensuring network security to the greatest extent. [1]
- Access control lists (ACLs) are applied in
- 1) Limit network traffic and improve network performance. For example, an ACL can give one type of data packet higher priority according to its protocol, so that the network device processes it first under otherwise equal conditions. [4]
- When a datagram enters a port, the router checks whether the datagram is routable. [4]
- The use of ACL is divided into two steps: [2]
- ACLs can be applied in many situations; the most common application scenarios are as follows: [7]
- 1. Filter routing information passed between neighboring devices. [7]
- 2. Control access to the device itself to prevent unauthorized access, such as controlling console interface, Telnet or SSH access. [7]
- 3. Control traffic and network access across network devices. [7]
- 4. Protect the router by restricting access to certain services on the router, such as HTTP, SNMP and NTP. [7]
- 5. Define interesting traffic for DDR and IPsec VPN. [7]
- 6. Implement QoS (Quality of Service) features in IOS in a variety of ways. [7]
- 7. Extended applications in other security technologies, such as TCP intercept and the IOS firewall. [7]
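The packet filtering described at the top of the page, applied to the Telnet/SSH scenario in item 2, shown as an added example that is not part of the original article. It goes one step further and flags rules that can never fire because an earlier rule covers them. The `Rule` fields, the sample rule set and the drop-when-nothing-matches default are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str                  # "permit" or "deny"
    proto: str                   # "tcp", "udp", or "ip" for any protocol
    src: str                     # source network in CIDR notation
    dport: Optional[int] = None  # destination port; None matches any port

    def matches(self, proto, src_ip, dport):
        if self.proto != "ip" and self.proto != proto:
            return False
        if ipaddress.ip_address(src_ip) not in ipaddress.ip_network(self.src):
            return False
        return self.dport is None or self.dport == dport

def evaluate(acl, proto, src_ip, dport):
    """Return the action of the first rule that matches the packet."""
    for rule in acl:
        if rule.matches(proto, src_ip, dport):
            return rule.action
    return "deny"  # assumed default: a packet no rule matches is dropped

def covers(a, b):
    """True when every packet rule b matches is also matched by rule a."""
    return ((a.proto == "ip" or a.proto == b.proto)
            and ipaddress.ip_network(b.src).subnet_of(ipaddress.ip_network(a.src))
            and (a.dport is None or a.dport == b.dport))

def shadowed(acl):
    """(earlier, later) index pairs where the later rule can never fire."""
    return [(i, j) for j, later in enumerate(acl)
            for i, earlier in enumerate(acl[:j]) if covers(earlier, later)]

# Constructed sample ACL protecting a device's management plane.
MGMT_ACL = [
    Rule("permit", "tcp", "10.0.0.0/24", 22),    # SSH from the management subnet
    Rule("deny",   "tcp", "0.0.0.0/0", 23),      # Telnet from anywhere
    Rule("deny",   "ip",  "10.0.0.0/24"),        # everything else from that subnet
    Rule("permit", "tcp", "10.0.0.50/32", 443),  # unreachable: covered by the rule above
]

if __name__ == "__main__":
    print(evaluate(MGMT_ACL, "tcp", "10.0.0.7", 22))
    print(evaluate(MGMT_ACL, "tcp", "10.0.0.50", 443))
    print(shadowed(MGMT_ACL))
```

Because evaluation stops at the first match, rule order decides the outcome: the HTTPS permit for 10.0.0.50 has no effect until it is moved above the subnet-wide deny.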