What is an ACL network?

An ACL network is really like any other computer network, with the exception that the routers and switches running on the network follow a predetermined list of access permissions. Network routers receive a list of rules called an access control list (ACL) that can allow basic admission to or from a network segment, as well as permission to access services that may be available through it. While ACLs can be used in other computer services, such as authorizing users to access files stored on a computer, in the case of an ACL network the rules are applied on the network interfaces and ports through which communication data travels. In most cases, this occurs on a network router or switch. However, some firewall programs built into the operating system can also be considered a form of access management. When packet data enters or leaves an interface on a network device, its authorization is evaluated by checking it against the ACL. If the permissions are not fulfilled, the packet is denied travel.

An ACL is composed of access control entries (ACEs). Each ACE in the list contains the relevant information about the permissions for packets entering or leaving the ACL network interface. Each ACE includes a permit or deny statement, as well as other criteria that the packet will have to meet. In most cases, packets are evaluated on the basis of common Internet Protocol (IP) standards, such as Transmission Control Protocol (TCP), User Datagram Protocol (UDP) and others in the suite. In the most basic type of ACL, only the source address is checked, while in an extended ACL it is possible to define rules that check source and destination addresses, as well as the specific ports that the traffic comes from and is destined for.

In an ACL network, the control lists are created in the network routers and switches. Each vendor of network hardware can have separate rules for the way an ACL must be constructed. Regardless of which hardware manufacturer or software developer created the programming that processes packets against the ACL, the most important aspect of ACL implementation is planning. With poor planning, it is quite possible for an administrator to log in to a certain router, implement an ACL on that router, and suddenly find himself locked out of that router or of some segment of the entire network.
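To illustrate the ACE structure and the lockout risk described above, the following Python sketch (an added example, not code from the original article or from any vendor) models first-match evaluation with an implicit deny at the end of the list, as Cisco IOS ACLs behave, and checks whether a draft ACL would drop the administrator's own management session before it is applied. The `Ace` class, the function names, the addresses and the port are assumptions constructed for illustration.

```python
# Added example: first-match ACL evaluation with a pre-deployment lockout check.
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Ace:
    action: str                      # "permit" or "deny"
    proto: str                       # "tcp", "udp" or "ip" (any protocol)
    src: str                         # source network in CIDR form
    dst: str = "0.0.0.0/0"           # a standard ACL leaves dst/port at "any"
    dst_port: Optional[int] = None   # None matches any destination port

    def matches(self, pkt: dict) -> bool:
        if self.proto not in ("ip", pkt["proto"]):
            return False
        if ipaddress.ip_address(pkt["src"]) not in ipaddress.ip_network(self.src):
            return False
        if ipaddress.ip_address(pkt["dst"]) not in ipaddress.ip_network(self.dst):
            return False
        return self.dst_port is None or self.dst_port == pkt["dst_port"]

def evaluate(acl, pkt):
    """Return (action, index of deciding ACE); index None means implicit deny."""
    for i, ace in enumerate(acl):
        if ace.matches(pkt):
            return ace.action, i
    return "deny", None

def locks_out(acl, mgmt_pkt):
    """True if applying `acl` inbound would drop the admin's own session."""
    return evaluate(acl, mgmt_pkt)[0] != "permit"

# Constructed sample data: documentation address ranges, SSH management on port 22.
ADMIN_SSH = {"proto": "tcp", "src": "192.0.2.10", "dst": "198.51.100.1", "dst_port": 22}
WEB = {"proto": "tcp", "src": "203.0.113.7", "dst": "198.51.100.80", "dst_port": 443}

# Poorly planned: the broad deny is listed before the management permit.
DRAFT = [
    Ace("deny", "ip", "192.0.2.0/24"),
    Ace("permit", "tcp", "192.0.2.10/32", "198.51.100.1/32", 22),
    Ace("permit", "tcp", "0.0.0.0/0", "198.51.100.80/32", 443),
]
# Same entries with the specific permit moved ahead of the broad deny.
PLANNED = [DRAFT[1], DRAFT[0], DRAFT[2]]

if __name__ == "__main__":
    for name, acl in (("draft", DRAFT), ("planned", PLANNED)):
        print(name, "locks out admin:", locks_out(acl, ADMIN_SSH), "| web:", evaluate(acl, WEB))
```

Running the check against a draft list before entering it on the device shows which entry decides the fate of the management session, so an ordering mistake is caught while the administrator still has access.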

One of the most common ACL implementations is built into the proprietary Internetwork Operating System (IOS) created by Cisco Systems®. On Cisco® IOS routers and switches, the ACL is entered manually and is implemented automatically as each item is added to the list. The ACL needs to be implemented incrementally, so that once a single packet matches an entry, the rest that fall under the same permissions can follow the same action. Any change to the list means that it must be rewritten in full.

Although it is not as secure as a firewall for protecting a network, an ACL is still useful in a number of scenarios. An administrator can limit traffic to and from certain areas of a larger network, or keep traffic from certain addresses from leaving the network altogether. Packets can be monitored in an ACL network to find problem areas in the network, identify hosts that behave incorrectly, or watch client computers that may be infected with a virus that is attempting to spread. An ACL can also be used to specify traffic that needs to be encrypted between nodes in the network.
