Access Control List

October 26, 2022
An access control list (ACL) is a list that defines who or what can access an object (program, process, or file) and which operations the subject (user or group) is allowed or forbidden to perform. ACLs are mainly used for filtering network traffic, especially in PC security settings.

How it works

ACLs grant authorized users access to specific system objects, such as directories or files, and deny access to unauthorized users. Each entry in an ACL specifies a subject and an operation.

Users have different levels of privilege. For example, if a file object has an ACL that contains (John: delete; Jenny: read; Craig: read, write), this would give John permission to delete a file, Jenny permission only to read, and Craig permission to read and write.

ACLs are installed on switches and routers, where they work like filters and manage traffic access to the network.

ACLs are also built into operating systems and network interfaces, where they block or allow types of traffic to the network.

Filtering is based mainly on the source and destination of traffic. ACLs achieve their main objective by identifying and managing network access behaviors, managing traffic flow, and monitoring at a granular level.

What problems ACLs solve

ACLs are one of the effective ways to protect networks and quality of service in organizations. ACLs address the following problems:

  • viruses and malicious code entering the organization,
  • consumption of network bandwidth by unsuitable services, which denies resources to special services,
  • data breaches of counselling.

Types Of ACLs

There are four kinds of ACLs.

  1. Standard ACLs let you evaluate only the source IP address of a packet. They use the numbers 1300-1999 or 1-99 so that the router can identify the given address as the source IP address. Standard ACLs are not as powerful as extended ACLs but use less computing power.
  2. Extended ACLs let you block source and destination for specific hosts or the entire network. With extended ACLs it is possible to filter traffic based on protocol: IP, TCP, ICMP, UDP.
  3. Reflexive ACLs are also referred to as IP session ACLs. They use upper-layer session details to filter traffic.
  4. Dynamic ACLs rely on extended ACLs, Telnet, and authentication. They give administrators the flexibility to configure access. For example, they can allow a user to access a resource temporarily, or deny access to a router from the WAN but still allow a small group of people access to it.
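
The difference between the first two types, shown as an added example that is not part of the original page: a small evaluator run over constructed rules and packets from documentation address ranges. It assumes first-match evaluation with a default deny when no rule matches; the names `Packet`, `Rule`, `evaluate` and `compare` are hypothetical.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str  # "tcp", "udp" or "icmp"

@dataclass(frozen=True)
class Rule:
    action: str                   # "permit" or "deny"
    src: str                      # source network in CIDR form
    dst: Optional[str] = None     # None: destination not checked (standard ACL)
    proto: Optional[str] = None   # None or "ip": any protocol

    def matches(self, pkt: Packet) -> bool:
        if ipaddress.ip_address(pkt.src) not in ipaddress.ip_network(self.src):
            return False
        if self.dst is not None and \
                ipaddress.ip_address(pkt.dst) not in ipaddress.ip_network(self.dst):
            return False
        return self.proto in (None, "ip", pkt.proto)

def evaluate(acl, pkt):
    """First matching rule decides; no match means deny (assumed default)."""
    for rule in acl:
        if rule.matches(pkt):
            return rule.action
    return "deny"

# Constructed sample ACLs: the standard one can only look at the source.
STANDARD = [Rule("deny", "192.0.2.0/24"), Rule("permit", "0.0.0.0/0")]
# The extended one also checks destination and protocol.
EXTENDED = [
    Rule("permit", "192.0.2.0/24", "198.51.100.10/32", "tcp"),
    Rule("deny", "192.0.2.0/24", "198.51.100.0/24", "ip"),
    Rule("permit", "0.0.0.0/0", "0.0.0.0/0", "ip"),
]
# Constructed sample packets.
PACKETS = [
    Packet("192.0.2.7", "198.51.100.10", "tcp"),
    Packet("192.0.2.7", "198.51.100.10", "icmp"),
    Packet("192.0.2.7", "203.0.113.5", "udp"),
    Packet("203.0.113.9", "198.51.100.10", "tcp"),
]

def compare():
    """Return (standard verdict, extended verdict) for each sample packet."""
    return [(evaluate(STANDARD, p), evaluate(EXTENDED, p)) for p in PACKETS]
```

The standard list has to drop everything from 192.0.2.0/24, while the extended list permits that network's TCP traffic to one host, denies its other traffic to the same subnet, and lets the rest through.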