Category Archives: ACLs

What is VPN? Features of a Secure VPN

What are Features of a Secure VPN? VPNs use advanced encryption techniques and tunneling to permit organizations to establish secure, end-to-end, private network connections over the Internet. The basis of a secure VPN is data confidentiality, data integrity, and authentication: i. Data confidentiality – The common network security concern is protecting data from hackers. Data confidentiality aims at… Read More »

How to Apply ACLs on Interfaces Examples

On this page, we are going to configure a standard access list according to a given set of conditions. Instructions: 1. Hosts on Router R3 should not be able to access hosts on R2. 2. Only host A on R1 can access hosts on R2. 3. All other communication is allowed. Use standard access lists with ACL 1. 4. Apply the access-list 1 on serial interfaces… Read More »

What is Extended ACLs? Explained with Examples

Extended Access Control Lists. Like standard ACLs, extended ACLs check source packet addresses; they also check the destination address, protocols and port numbers. Extended Access Control Lists (ACLs) provide a greater range of control and are, therefore, an addition to your security solution. Extended ACLs provide more precise traffic-filtering control. You can use extended ACLs numbered 100 to 199 and 2000… Read More »

How To Configure Extended ACLs on a Cisco Router

Extended ACLs Configuration Example. The practical steps for configuring extended ACLs are the same as for standard ACLs: you first create the extended ACL and then activate it on an interface. The figure below shows an example of how you might create an extended ACL specific to your network needs. In this example, the network administrator needs to restrict… Read More »

What is Complex ACLs? Explained with Examples

Complex Access Control Lists. When additional functionality is built on standard and extended ACLs, we call them complex or large ACLs. There are three categories of complex or large ACLs: i. Dynamic or Lock-and-key ACLs ii. Reflexive ACLs iii. Time-based ACLs. What are Dynamic or Lock-and-key ACLs? Dynamic or Lock-and-key ACLs are an IP traffic filtering feature. This type of access control… Read More »

What are Common Network Security Threats?

Three common factors emerge when dealing with network security: vulnerability, threat, and attack. Vulnerabilities: An experienced hacker knows that every network or device has a certain degree of vulnerability or weakness, and they take advantage of each security weakness or loophole to exploit the network. Computer network hackers work round the clock in search of unsecured… Read More »

Configuring Extended ACLs Examples

Let's look at how to configure an extended access list to enable users on a network to browse secure and insecure websites. Firstly, consider whether the traffic you want to filter is going in or out. Trying to access websites on the Internet is traffic going out; receiving e-mails from the Internet is traffic coming in. Applying extended ACL… Read More »

What is Switchport ACLs?

How to Configure Switchport ACLs. ACLs can also be used to control traffic on VLANs. Switch port ACLs can only be applied to Layer 2 interfaces in the inbound direction, and this controls traffic via IP access lists. Switch port ACL application is usually effective when applied on a trunk port; be warned that, if applied on a port with… Read More »

What is IPv6 ACLs? Explained with Examples

There are similarities in the operation and configuration of IPv6 ACLs and their predecessor, IPv4 ACLs. If you are familiar with the basic operation and configuration of IPv4 access control lists, you will find IPv6 ACLs easy to understand and configure too; the only difference is the IPv6 addressing. IPv6 has only one type of ACL, which is… Read More »

What is Reflexive ACLs? Explained with Examples

What are Reflexive ACLs? Reflexive ACLs, also known as IP-Session-Filtering ACLs, are used to allow traffic sessions from a source network while denying IP traffic for sessions coming from an outside network. They allow a network administrator to dynamically enable a network filtering router to manage session traffic. The router examines the outbound traffic and when it sees a… Read More »