Access Control List (ACL) by Arash Deljoo

RACL , VACL , PACL concepts , configuration and verification

5.00 (6 reviews)
Udemy
platform
English
language
Network & Security
category
Arash Deljoo
instructor
Access Control List (ACL) by Arash Deljoo
236
students
4.5 hours
content
Jun 2023
last update
$74.99
regular price

What you will learn

Standard Router Access Control List (RACL) concepts and configuration

Extended Router Access Control List (RACL) concepts and configuration

Port Access Control List (PACL) concepts and configuration

VLAN Access Control List (VACL) concepts and configuration

PACL , VACL and RACL Interaction

Why take this course?

Cisco ACLs are characterized by single or multiple permit/deny statements. The purpose is to filter inbound or outbound packets on a selected network interface. There are a variety of ACL types that are deployed based on requirements. Only two ACLs are permitted on a Cisco interface per protocol. That would include for instance a single IP ACL applied inbound and single IP ACL applied outbound.

Cisco best practices for creating and applying ACLs

  • Apply extended ACL near source

  • Apply standard ACL near destination

  • Order ACL with multiple statements from most specific to least specific.

  • Maximum of two ACLs can be applied to a Cisco network interface.

  • Only one ACL can be applied inbound or outbound per interface per Layer 3 protocol.

There are some recommended best practices when creating and applying access control lists (ACL). The network administrator should apply a standard ACL closest to the destination. The standard ACL statement is comprised of a source IP address and wildcard mask. There is a common number or name that assigns multiple statements to the same ACL.

Standard ACLs are an older type and very general. As a result they can inadvertently filter traffic incorrectly. Applying the standard ACL near the destination is recommended to prevents possible over-filtering. The extended ACL should be applied closest to the source. Extended ACLs are granular (specific) and provide more filtering options. They include source address, destination address, protocols and port numbers. Applying extended ACLs nearest to the source prevents traffic that should be filtered from traversing the network. That conserves bandwidth and additional processing required at each router hop from source to destination endpoints.

Some access control lists are comprised of multiple statements. The ordering of statements is key to ACL processing. The router starts from the top (first) and cycles through all statements until a matching statement is found. The packet is dropped when no match exists. Order all ACL statements from most specific to least specific. Assigning least specific statements first will sometimes cause a false match to occur. As a result the match on the intended ACL statement never occurs.

Charts

Price

Access Control List (ACL) by Arash Deljoo - Price chart

Rating

Access Control List (ACL) by Arash Deljoo - Ratings chart

Enrollment distribution

Access Control List (ACL) by Arash Deljoo - Distribution chart

Related Topics

Network Security
5268672
udemy ID
4/12/2023
course created date
4/16/2023
course indexed date
Bot
course submited by