Access Control List (ACL): what is it, how it works
Access Control List
An Access Control List (ACL) is an ordered set of rules that decides what is allowed and what is denied. In networking, an ACL filters traffic: each rule permits or denies the packets that match it. In operating systems, an ACL attached to an object such as a file or directory lists which users or groups may access that object and with which permissions, and everyone not listed is denied.
Network ACLs are found on devices with packet-filtering capabilities, chiefly routers and switches.
How ACLs Work
File system ACLs and network ACLs work differently. A file system ACL is a table, attached to an object such as a file or directory, that tells the operating system which subjects (users or groups) hold which privileges on that object. Each entry pairs a subject with the privileges it is granted, such as read, write or execute. When a subject requests access, the operating system consults the object's ACL and allows only what an entry grants.
Operating systems that use this mechanism include Unix-based systems, Windows NT/2000 and Novell's NetWare.
Network ACLs are configured on networking devices (routers and switches) to filter traffic. The device compares each packet against a predefined list of rules and forwards or drops it according to the first rule that matches. Source and destination IP addresses are the main criteria; extended lists also look at the protocol and the port numbers.
Packet filtering improves security by reducing the traffic that reaches the network and by restricting which devices and users can access it.
Access lists are sequential: they consist of permit and deny statements that are evaluated from top to bottom, and the first statement that matches a packet decides its fate. Every access list ends with an implicit deny, so a packet that matches no statement is dropped. An access list is identified by a number or a name.
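To make the evaluation order concrete, the following Python script is an added example (not code from the original article or from any router vendor). It parses a constructed sample of Cisco-style numbered access lists, using the standard (1-99, 1300-1999) and extended (100-199, 2000-2699) number ranges described in the next section, evaluates packets top to bottom with first-match semantics and the implicit final deny, and flags entries that can never match because a broader entry precedes them. Only the syntax subset used in the sample is supported (`any`, `host`, address plus contiguous wildcard mask, the protocols ip/tcp/udp/icmp, and the `eq` destination-port operator); the configuration and packets are constructed for illustration.

```python
"""Added example: simulate how a router evaluates Cisco-style numbered ACLs.
Constructed sample configuration; only the syntax subset used below is modelled."""
import ipaddress
from dataclasses import dataclass
from typing import Optional

ANY = ipaddress.ip_network("0.0.0.0/0")


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str = "ip"          # "tcp", "udp", "icmp"; "ip" = protocol not examined
    dport: Optional[int] = None


@dataclass(frozen=True)
class Entry:
    action: str                # "permit" or "deny"
    proto: str                 # "ip" in an entry matches every protocol
    src_net: ipaddress.IPv4Network
    dst_net: ipaddress.IPv4Network
    dport: Optional[int]       # None = any destination port


def _parse_addr(tokens):
    """Consume one address spec ('any', 'host A.B.C.D' or 'A.B.C.D WILDCARD')
    and return (network, remaining tokens)."""
    if tokens[0] == "any":
        return ANY, tokens[1:]
    if tokens[0] == "host":
        return ipaddress.ip_network(tokens[1] + "/32"), tokens[2:]
    addr, wildcard = tokens[0], tokens[1]
    # A wildcard mask is the inverse of a subnet mask: 0 bits must match.
    # Non-contiguous wildcards are legal on IOS but are not modelled here.
    mask = ipaddress.ip_address(~int(ipaddress.ip_address(wildcard)) & 0xFFFFFFFF)
    return ipaddress.ip_network(f"{addr}/{mask}", strict=False), tokens[2:]


def parse_acl(config_text):
    """Group 'access-list N ...' lines by number, keeping the configured order.
    The number range selects the syntax: 1-99 and 1300-1999 are standard lists
    (source address only), 100-199 and 2000-2699 are extended lists."""
    acls = {}
    for line in config_text.splitlines():
        tokens = line.split()
        if len(tokens) < 3 or tokens[0] != "access-list":
            continue                      # skip comments and other config lines
        number, action, rest = int(tokens[1]), tokens[2], tokens[3:]
        if 1 <= number <= 99 or 1300 <= number <= 1999:
            if len(rest) == 1 and rest[0] != "any":
                rest = ["host", rest[0]]  # IOS shorthand: a bare address means host
            src, rest = _parse_addr(rest)
            entry = Entry(action, "ip", src, ANY, None)
        elif 100 <= number <= 199 or 2000 <= number <= 2699:
            proto, rest = rest[0], rest[1:]
            src, rest = _parse_addr(rest)
            dst, rest = _parse_addr(rest)
            dport = int(rest[1]) if len(rest) >= 2 and rest[0] == "eq" else None
            entry = Entry(action, proto, src, dst, dport)
        else:
            raise ValueError(f"ACL number {number} is outside the modelled ranges")
        acls.setdefault(number, []).append(entry)
    return acls


def evaluate(entries, pkt):
    """Walk the list top to bottom; the first matching entry decides.
    Returns (action, index); index is None when the implicit final deny applied."""
    src, dst = ipaddress.ip_address(pkt.src), ipaddress.ip_address(pkt.dst)
    for i, e in enumerate(entries):
        if e.proto != "ip" and e.proto != pkt.proto:
            continue
        if src not in e.src_net or dst not in e.dst_net:
            continue
        if e.dport is not None and e.dport != pkt.dport:
            continue
        return e.action, i
    return "deny", None                   # every ACL ends with an implicit deny


def shadowed(entries):
    """Indexes of entries that can never match because an earlier, broader entry
    always matches first: the usual sign of a mis-ordered list."""
    result = []
    for j, later in enumerate(entries):
        for earlier in entries[:j]:
            if (earlier.proto in ("ip", later.proto)
                    and later.src_net.subnet_of(earlier.src_net)
                    and later.dst_net.subnet_of(earlier.dst_net)
                    and earlier.dport in (None, later.dport)):
                result.append(j)
                break
    return result


# Constructed sample configuration (not taken from a real device).
CONFIG = """
! ACL 10: standard list, source addresses only
access-list 10 permit 192.168.1.0 0.0.0.255
access-list 10 deny 192.168.2.7
! ACL 100: extended list protecting host 10.0.0.5
access-list 100 permit tcp any host 10.0.0.5 eq 22
access-list 100 permit tcp 192.168.0.0 0.0.255.255 host 10.0.0.5 eq 443
access-list 100 deny icmp any any
access-list 100 permit ip 192.168.0.0 0.0.255.255 any
! ACL 110: mis-ordered, the deny can never match
access-list 110 permit ip any any
access-list 110 deny tcp any host 10.0.0.5 eq 23
"""

if __name__ == "__main__":
    acls = parse_acl(CONFIG)
    print(evaluate(acls[10], Packet("192.168.3.1", "10.0.0.5")))          # implicit deny
    print(evaluate(acls[110], Packet("1.2.3.4", "10.0.0.5", "tcp", 23)))  # permit, deny shadowed
    print("shadowed entries in ACL 110:", shadowed(acls[110]))
```

ACL 110 shows the ordering pitfall: because `permit ip any any` comes first, the Telnet deny below it is dead configuration, and the router will still accept Telnet to 10.0.0.5. The `shadowed` check catches that before the list is applied to an interface.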
Types Of ACLs
There are four types of ACLs, each playing a different role in a network: standard, extended, reflexive and dynamic.
Standard ACL
A standard ACL evaluates only the source IP address of a packet. It is less flexible than an extended ACL but cheaper to process. Standard ACLs use the number ranges 1-99 and 1300-1999; the number tells the router that the address in each statement is to be matched against the source address. Because a standard ACL cannot see the destination, it is usually applied as close to the destination as possible so that it does not block traffic bound elsewhere.
Extended ACL
An extended ACL matches on both source and destination addresses, for individual hosts or whole networks, and can also filter on protocol (IP, TCP, UDP, ICMP) and, for TCP and UDP, on port numbers. Extended ACLs use the number ranges 100-199 and 2000-2699. Because they identify traffic precisely, they are usually applied close to the source.
Reflexive ACL
Also known as IP session ACLs, reflexive ACLs use upper-layer session information to filter traffic. When a session is initiated from inside the network, the router creates a temporary entry that permits the matching return traffic and removes it when the session ends or its idle timer expires; inbound traffic that belongs to no such session is still blocked.
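The following Python model is an added example (not code from the original article, and not IOS syntax) of the reflexive behaviour described above: an outbound flow from the inside network creates a temporary inbound entry for its return traffic, inbound packets are permitted only while a matching entry is alive, and the entry expires after an idle timeout. The inside network, the flows and the timestamps (seconds) are constructed for illustration.

```python
"""Added example: a model of reflexive ACL behaviour (illustrative, not IOS code).
Outbound sessions from the inside network open temporary inbound entries for
their return traffic; anything else arriving from outside hits the implicit deny."""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Flow:
    proto: str
    src: str
    sport: int
    dst: str
    dport: int

    def reverse(self):
        """The return direction of this flow: what the router must let back in."""
        return Flow(self.proto, self.dst, self.dport, self.src, self.sport)


class ReflexiveAcl:
    def __init__(self, inside_net, idle_timeout):
        self.inside = ipaddress.ip_network(inside_net)
        self.idle_timeout = idle_timeout
        self.reflected = {}        # temporary inbound entries: flow -> expiry time

    def outbound(self, flow, now):
        """Permit traffic leaving the inside network and reflect it."""
        if ipaddress.ip_address(flow.src) not in self.inside:
            return "deny"
        self.reflected[flow.reverse()] = now + self.idle_timeout
        return "permit"

    def inbound(self, flow, now):
        """Permit inbound traffic only if it matches a live reflected entry."""
        self.reflected = {f: t for f, t in self.reflected.items() if t > now}
        if flow in self.reflected:
            self.reflected[flow] = now + self.idle_timeout   # refresh the idle timer
            return "permit"
        return "deny"              # implicit deny: no session was initiated from inside


def demo():
    """Constructed traffic: one HTTPS session from inside, then probes from outside."""
    acl = ReflexiveAcl("192.168.1.0/24", idle_timeout=300)
    session = Flow("tcp", "192.168.1.10", 51000, "203.0.113.8", 443)
    return [
        acl.outbound(session, now=0),                   # client SYN leaves the network
        acl.inbound(session.reverse(), now=1),          # server reply comes back
        acl.inbound(Flow("tcp", "203.0.113.8", 443, "192.168.1.10", 51001), now=2),  # wrong port
        acl.inbound(Flow("tcp", "198.51.100.7", 40000, "192.168.1.10", 22), now=3),  # SSH probe
        acl.inbound(session.reverse(), now=302),        # idle timer (refreshed at 1) has expired
    ]


if __name__ == "__main__":
    print(demo())
```

The two probes are denied even though they target the same inside host as the permitted session: the reflected entry is keyed on the full protocol, address and port tuple, so only the exact reply flow gets in, and only until it goes idle.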
Dynamic ACL
Dynamic ACLs, also called lock-and-key ACLs, rely on extended ACLs, Telnet and authentication. A user is granted access to a resource only after connecting to the router over Telnet and authenticating; the router then adds a temporary entry permitting that user's traffic, which is removed when it times out.
ACL Applications
Cybersecurity threats are constantly increasing, and ACLs are one of the measures organizations enforce to protect their networks and quality of service. ACLs are implemented to address problems including:
- Data breaches of confidential information
- Overtaking of network bandwidth by irrelevant services thereby denying resources to important services
- Viruses and malicious code entering the organization
ACLs achieve this by identifying and controlling network access behaviour, controlling traffic flow, and enabling granular monitoring of what is permitted and denied.