ACLs should be defined on
a per-protocol and per-source/destination/port basis to achieve more granularity and control over various types of
traffic.
To better understand the use of ACLs, the next sections provide an overview of basic IP addressing, subnets and
masks, and IP classes.
Chapter 2. Access Control
The use of technology continues to expand in this digital age, along with an ever-increasing volume of data. An
exponentially growing amount of data is crossing networks today. Without any security mechanism in place, each
network has complete access to the other with no way of differentiating between authorized and unauthorized
activity.
One of the fundamental steps necessary to control network access is the capability to control the data flow
within a network. One of the many ways to achieve this is to use an access control list (commonly
referred to as an ACL). ACLs are effective, easy to configure, and available across all major Cisco products.
This chapter focuses primarily on the use and configuration of ACLs available on Cisco IOS and other devices for
traffic filtering. The chapter also gives an overview of IP addressing, IP classes, subnets, and masks.
Traffic Filtering Using ACLs
Cisco IOS provides traffic-filtering capabilities through ACLs, which can prevent traffic from entering or
exiting the network.