# Access Control List

An Access Control List (ACL) is a fundamental network security mechanism used to control and manage access to network resources. It acts as a set of rules or conditions that determine what traffic is allowed to pass through a network device (such as a router, firewall, or switch) and what traffic is denied. ACLs are crucial for enforcing security policies, restricting unauthorized access, and protecting sensitive data within a network.

ACLs are typically applied at network entry points, such as on routers between different network segments or at firewall interfaces between the internal network and the internet. When network traffic passes through these points, ACL rules are evaluated to decide whether the traffic should be allowed or blocked based on specific criteria, such as source/destination IP addresses, port numbers, protocols, or other attributes.

There are two main types of ACLs used in network security:

## Standard ACLs
Standard ACLs are simple and use only the source IP address to make permit or deny decisions. They are commonly applied at the network edge, close to the source of the traffic. Key characteristics of standard ACLs include:

__Limited Criteria__: Standard ACLs only consider the source IP address when deciding to permit or deny traffic. This makes them less precise but straightforward to configure.

__Placement__: Standard ACLs are typically placed on the inbound interface of a router or firewall. They are generally used to control traffic from certain hosts or networks, usually to block unwanted traffic or control access to specific services.

Example of a standard ACL rule:

```
Router(config)# access-list 1 deny 192.168.1.50
Router(config)# access-list 1 permit any
Router(config)# interface GigabitEthernet0/0
Router(config-if)# ip access-group 1 in
```

In this example, all traffic from the IP address 192.168.1.50 is denied, while all other traffic is permitted.

## Extended ACLs
Extended ACLs offer more granular control and are widely used to define complex filtering rules based on multiple attributes, such as __source and destination IP addresses, protocols, port numbers__, and other criteria. They provide a more sophisticated way to filter traffic compared to standard ACLs. Key characteristics of extended ACLs include:

__Multiple Criteria__: Extended ACLs consider a combination of attributes when making permit or deny decisions, allowing administrators to define precise filtering rules.

__Placement__: Extended ACLs are usually applied closer to the destination, such as on the inbound or outbound interfaces of routers or firewalls, where more detailed decisions are required.

Example of an extended ACL rule:

```
Router(config)# access-list 101 permit tcp host 192.168.1.100 host 10.0.0.50 eq 80
Router(config)# access-list 101 deny ip any any
Router(config)# interface GigabitEthernet0/0
Router(config-if)# ip access-group 101 in
```

In this example, TCP traffic from the source IP address 192.168.1.100 to the destination IP address 10.0.0.50 on destination port 80 (HTTP) is permitted, while all other traffic is denied by the final rule.
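To make the evaluation order concrete for both the standard and the extended example above, here is an added Python model of how a router walks a numbered ACL: rules are parsed from the same `access-list` syntax, checked top-down, and the first match decides, with an implicit deny for anything that matches no rule. This is illustrative code written for this article, not router firmware; the packet dictionaries (`src`, `dst`, `proto`, `dport`) and the `Router(config)#` prompt stripping are assumptions, and only numeric ports are handled.

```python
import ipaddress

ANY = (0, 0)           # (network, mask): mask 0 matches every address
HOST = 0xFFFFFFFF      # mask that matches exactly one host

def _ip(text):
    return int(ipaddress.IPv4Address(text))

def _addr(tok):
    """Consume one address term ('any', 'host A.B.C.D', 'A.B.C.D WILDCARD', or a bare
    'A.B.C.D') and return ((network, mask), remaining tokens)."""
    if tok[0] == "any":
        return ANY, tok[1:]
    if tok[0] == "host":
        return (_ip(tok[1]), HOST), tok[2:]
    if len(tok) > 1 and tok[1][0].isdigit():     # wildcard: 1-bits are "don't care"
        mask = HOST ^ _ip(tok[1])
        return (_ip(tok[0]) & mask, mask), tok[2:]
    return (_ip(tok[0]), HOST), tok[1:]          # bare address means a single host

def parse_rule(line):
    """Parse one 'access-list N permit|deny ...' line: 1-99 standard (source only),
    100-199 extended (protocol, source, destination, optional 'eq PORT', numeric only)."""
    tok = line.replace("Router(config)#", "").split()
    number, action, rest = int(tok[1]), tok[2], tok[3:]
    if number <= 99:
        return {"action": action, "proto": "ip", "src": _addr(rest)[0], "dst": ANY, "dport": None}
    proto, rest = rest[0], rest[1:]
    src, rest = _addr(rest)
    dst, rest = _addr(rest)
    dport = int(rest[1]) if rest[:1] == ["eq"] else None
    return {"action": action, "proto": proto, "src": src, "dst": dst, "dport": dport}

def evaluate(acl, pkt):
    """Top-down, first match wins; no match falls through to the implicit deny."""
    src, dst = _ip(pkt["src"]), _ip(pkt["dst"])
    for r in acl:
        if r["proto"] not in ("ip", pkt["proto"]):
            continue
        if (src & r["src"][1]) != r["src"][0] or (dst & r["dst"][1]) != r["dst"][0]:
            continue
        if r["dport"] is not None and r["dport"] != pkt.get("dport"):
            continue
        return r["action"]
    return "deny"

# The two ACLs from the article, parsed into rule lists (constructed sample input).
STANDARD = [parse_rule(l) for l in ("access-list 1 deny 192.168.1.50", "access-list 1 permit any")]
EXTENDED = [parse_rule(l) for l in ("access-list 101 permit tcp host 192.168.1.100 host 10.0.0.50 eq 80",
                                     "access-list 101 deny ip any any")]
```

Feeding `evaluate(EXTENDED, ...)` a packet to 10.0.0.50 on TCP port 443 shows why the explicit `deny ip any any` and the implicit deny give the same result, while dropping `permit any` from the standard list would silently block every host, not just 192.168.1.50.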

ACLs are crucial components of network security, as they allow administrators to control access and secure their networks by selectively permitting or denying specific types of traffic. However, they require careful planning, regular review, and maintenance to ensure that they effectively fulfill the security requirements of the network and adapt to changing threats and usage patterns.
