    What exactly is an Access Control List (ACL)?

    By Vishalishwaran Deivasigamani Sivakumar | 11 April 2022 | Updated: 20 August 2022 | 6 Mins Read

    An access control list (ACL) is a collection of rules that specify who can access specific digital environments. ACLs are classified into two types:

    • Filesystem ACLs control access to files and directories. Filesystem ACLs inform operating systems about which users can access the system and what rights they are granted.
    • Networking ACLs control access to the network. ACLs in networking inform routers and switches about the types of traffic that can access the network and the permitted activities.

    Initially, ACLs were the only means of providing firewall protection. Today there are several types of firewalls and alternatives to ACLs. Even so, organisations continue to use ACLs alongside technologies such as virtual private networks (VPNs) to designate which traffic should be encrypted and routed through a VPN tunnel.

    Justifications for utilising an ACL include the following:

    • Control of traffic flow
    • Network traffic restriction for improved network performance
    • A level of security for network access, specifying which areas of the server/network/service a user may access and which they may not.
    • Monitoring of traffic entering and departing the system on a granular level

    ACL’s Operation

    A filesystem ACL is a table that tells a computer operating system which access privileges a user has to a system object, which may be a single file or a directory of files. Each object is associated with its access control list through a security attribute. Each user with system access permissions has an entry in the list. Typical rights include:

    • Reading a single file (or all files) in a directory.
    • Executing the file.
    • Modifying the file or files.

    ACLs are used by various operating systems, including Microsoft Windows NT/2000, Digital’s OpenVMS, and UNIX-based systems. Network ACLs are implemented in routers and switches and act as traffic filters. Each networking access control list (ACL) comprises predefined rules that specify whether packets or routing updates are permitted or denied access to a network.

    ACL-enabled routers and switches function like packet filters, forwarding or denying packets based on filtering criteria. As a Layer 3 device, a packet-filtering router uses rules to determine whether traffic should be permitted or denied. It decides this based on the source and destination IP addresses, the destination and source ports, and the packet’s protocol.

    Fig. 1. How do ACLs work?

    Access control lists fall into four broad categories:

    • Standard ACL: An access list built solely on the source IP address. These access control lists permit or deny the entire protocol suite. They do not distinguish between IP traffic types such as UDP, TCP, or HTTPS. They use the numbers 1 to 99 or 1300 to 1999 so that the router recognises the address as the source IP address.
    • Extended ACL: A widely used access list that differentiates IP traffic. It uses source and destination IP addresses and port numbers to make sense of IP traffic, and you can define which IP traffic should be permitted or blocked. Extended ACLs use the numbers 100–199 and 2000–2699.
    • Dynamic ACL: Dynamic access control lists rely on extended access control lists, Telnet, and authentication. This form of ACL is sometimes referred to as “Lock and Key” and may be used to control access during specified periods. These lists only grant a user access to a source or destination device when the user authenticates through Telnet.
    • Reflexive ACL: Reflexive ACLs are also known as IP session ACLs. They filter traffic based on upper-layer session information. They respond to sessions that have been initiated by allowing or restricting outgoing traffic. The router detects outbound traffic matching the ACL and creates a corresponding inbound ACL entry, which is deleted at the end of the session.

    Fig.2. Placement of the ACLs

    What are the ACL’s Components?

    ACLs are implemented similarly on most routing platforms and share common configuration rules. Bear in mind that an ACL is composed of rules, or entries. An ACL can have a single entry or many entries, each designed to perform some function; that function could be to permit or to prohibit everything.

    When creating an ACL entry, you’ll require the following information.

    • Sequence Number: Use a number to identify an ACL entry.
    • ACL Name: Use a name to identify an ACL entry. Instead of a sequence of numbers, some routers let you use a mix of letters and numbers.
    • Remark: Some routers allow you to add comments to an ACL, which lets you include detailed descriptions.
    • Statement: Permit or deny access to a particular source depending on its address and wildcard mask. By default, some routing devices, such as Cisco's, add an implicit deny statement to the end of each ACL.
    • Network Protocol: Indicate whether to deny/allow IP, IPX, ICMP, TCP, UDP, and NetBIOS access.
    • Source or Destination IP: Define the source or destination IP address as a single IP, a range of IP addresses (CIDR), or all IP addresses.
    • Log: Certain devices are capable of logging when ACL matches are discovered.
    • Additional Criteria: Advanced ACLs let you leverage type of service (ToS), IP precedence, and differentiated services codepoint (DSCP) priority to manage traffic.
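
    The components listed above, put together as an added example (not code from the original article): a minimal Python model of numbered ACL entries evaluated in sequence order, where the first matching entry decides, with wildcard-mask matching and the implicit deny at the end. The sample ACL, the documentation-range addresses and all function names are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

def acl_type(number: int) -> str:
    """Classify a numbered ACL using the ranges given in the article."""
    if 1 <= number <= 99 or 1300 <= number <= 1999:
        return "standard"
    if 100 <= number <= 199 or 2000 <= number <= 2699:
        return "extended"
    return "unknown"

def wildcard_match(addr: str, base: str, wildcard: str) -> bool:
    """Wildcard mask: 0 bits must match, 1 bits are ignored (inverse of a netmask)."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    care = ~w & 0xFFFFFFFF
    return (a & care) == (b & care)

@dataclass
class Entry:
    seq: int                       # sequence number
    action: str                    # statement: "permit" or "deny"
    protocol: str                  # "ip" matches any protocol
    src: tuple                     # (address, wildcard mask)
    dst: tuple = ("0.0.0.0", "255.255.255.255")   # default: any destination
    dst_port: Optional[int] = None
    remark: str = ""

def evaluate(entries, protocol, src, dst, dst_port=None):
    """Return (action, seq) of the first matching entry, in sequence order."""
    for e in sorted(entries, key=lambda e: e.seq):
        if e.protocol not in ("ip", protocol):
            continue
        if not wildcard_match(src, *e.src) or not wildcard_match(dst, *e.dst):
            continue
        if e.dst_port is not None and e.dst_port != dst_port:
            continue
        return e.action, e.seq
    return "deny", None            # implicit deny: nothing matched

# Constructed sample extended ACL (number 101).
ACL_101 = [
    Entry(10, "permit", "tcp", ("192.0.2.0", "0.0.0.255"),
          ("198.51.100.10", "0.0.0.0"), 443, "LAN to web server"),
    Entry(20, "deny", "ip", ("192.0.2.66", "0.0.0.0"), remark="quarantined host"),
    Entry(30, "permit", "ip", ("192.0.2.0", "0.0.0.255"), remark="rest of LAN"),
]
```

    In this sample the quarantined host 192.0.2.66 is still permitted to reach the web server on TCP 443, because entry 10 matches before the deny at entry 20. Reviewing entry order is as important as reviewing the entries themselves.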

    Conclusion

    Access control lists serve as an organisation’s packet filters. They can regulate, permit, or prohibit traffic, which is critical for security. You can use an ACL to manage packet flow for a single IP address or a group of IP addresses, and for protocols such as TCP, UDP, and ICMP. Applying an ACL to the wrong interface, or mistakenly changing the source or destination, can negatively affect the business. A single ACL statement can cut an entire business off from the Internet.

    Understanding the inbound and outbound traffic flows, and how and where ACLs should be placed, is vital to avoid degrading performance. Keep in mind that a switch’s role is to forward traffic to the proper interface, so a flow is either entering (inbound) or exiting (outbound).

    While a powerful firewall delivers significantly better protection, it can compromise the performance of an organisation’s network. An ACL, by contrast, is deployed directly on the interface, and the switch processes it using its hardware capabilities, which speeds up the process while maintaining an acceptable level of security.

    For cyber security-related issues of businesses: https://www.benchmarkitservices.com/cyber-security/

    For Data security related issues of businesses: https://www.benchmarkitservices.com/backup/
