SlideShare uma empresa Scribd logo

Access control list 2

Transferir como PPT, PDF
Kishore Kumar
Kishore Kumar
TecnologiaNegócios
1 de 12
1
Access Control List • It is a Layer 3 security which controls the flow of traffic from one router to another. • It is also called as Packet Filtering Firewall. 2
ACL - Network Diagram 10.0.0.1/8 S0 HYD 11.0.0.1/8 S0 S1 10.0.0.2/8 E0 192.168.1.150/24 1.1 1.2 1.3 LAN - 192.168.1.0/24 2.1 CHE S1 11.0.0.2/8 E0 192.168.2.150/24 2.2 2.3 LAN - 192.168.2.0/24 3.1 BAN E0 192.168.3.150/2 3.2 3.3 LAN - 192.168.3.0/24 1.0 should not communicate with 2.0 network 3 1.0 should not communicate with 2.0 network
Types of Access-list • Standard ACL • Extended ACL • Named ACL 4
Standard Access List • The access-list number lies between 1 – 99 • Can block a Network, Host and Subnet • Two way communication is stopped • All services are blocked. • Implemented closest to the destination. (Guideline) 5
Extended Access List • The access-list number lies between 100 – 199 • Can block a Network, Host, Subnet and Service • One way communication is stopped • Selected services can be blocked. • Implemented closest to the source. (Guideline) 6
Terminology • Deny : Blocking a Network/Host/Subnet/Service • Permit : Allowing a Network/Host/Subnet/Service • Source Address : The address of the PC from where the request starts. Show Diagram • Destination address : The address of the PC where the request ends. • Inbound : Traffic coming into the interface • Outbound : Traffic going out of the interface 7
Terminology • Protocols : IP - TCP - UDP - ICMP • Operators : eq (equal to) neq (not equal to) lt (less than) gt (greater than) • Services : HTTP, FTP, TELNET, DNS, DHCP etc.. 8
Wild Card Mask • Tells the router which addressing bits must match in the address of the ACL statement. • It’s the inverse of the subnet mask, hence is also called as Inverse mask. • A bit value of 0 indicates MUST MATCH (Check Bits) • A bit value of 1 indicates IGNORE (Ignore Bits) • Wild Card Mask for a Host will be always 0.0.0.0 9
Wild Card Mask • A wild card mask can be calculated using the formula : Global Subnet Mask – Customized Subnet Mask ------------------------------Wild Card Mask E.g. 255.255.255.255 – 255.255.255.240 --------------------0. 0. 0. 15 10
11
ACL - Network Diagram 10.0.0.1/8 S0 HYD 11.0.0.1/8 S0 S1 10.0.0.2/8 E0 192.168.1.150/24 1.1 1.2 1.3 LAN - 192.168.1.0/24 2.1 CHE S1 11.0.0.2/8 E0 192.168.2.150/24 2.2 2.3 LAN - 192.168.2.0/24 3.1 BAN E0 192.168.3.150/2 3.2 3.3 LAN - 192.168.3.0/24 1.0 should not communicate with 2.0 network 1.0 should not communicate with 2.0 network 12

Recomendados

Access Control List 1
Access Control List 1Access Control List 1
Access Control List 1Kishore Kumar
 
Access control list [1]
Access control list [1]Access control list [1]
Access control list [1]Summit Bisht
 
Access Control List (ACL)
Access Control List (ACL)Access Control List (ACL)
Access Control List (ACL)ISMT College
 
Acl
AclAcl
AclRaghu Kiran
 
Cisco ACL
Cisco ACLCisco ACL
Cisco ACLfaust0
 
Access Control List & its Types
Access Control List & its TypesAccess Control List & its Types
Access Control List & its TypesNetwax Lab
 
Acl cisco
Acl ciscoAcl cisco
Acl ciscoTapan Khilar
 
ACL on Linux - Part 1
ACL on Linux - Part 1ACL on Linux - Part 1
ACL on Linux - Part 1GLC Networks
 

Recomendados

Access Control List 1
Access Control List 1Access Control List 1
Access Control List 1Kishore Kumar
 
Access control list [1]
Access control list [1]Access control list [1]
Access control list [1]Summit Bisht
 
Access Control List (ACL)
Access Control List (ACL)Access Control List (ACL)
Access Control List (ACL)ISMT College
 
Acl
AclAcl
AclRaghu Kiran
 
Cisco ACL
Cisco ACLCisco ACL
Cisco ACLfaust0
 
Access Control List & its Types
Access Control List & its TypesAccess Control List & its Types
Access Control List & its TypesNetwax Lab
 
Acl cisco
Acl ciscoAcl cisco
Acl ciscoTapan Khilar
 
ACL on Linux - Part 1
ACL on Linux - Part 1ACL on Linux - Part 1
ACL on Linux - Part 1GLC Networks
 
Mpls concepts. Time to Certify
Mpls concepts. Time to CertifyMpls concepts. Time to Certify
Mpls concepts. Time to CertifyJose Antonio Omedes
 
Radius Protocol
Radius ProtocolRadius Protocol
Radius ProtocolNetwax Lab
 
Differences of the Cisco Operating Systems
Differences of the Cisco Operating SystemsDifferences of the Cisco Operating Systems
Differences of the Cisco Operating Systems美兰 曾
 
CCNA
CCNACCNA
CCNAAbhishek Parihari
 
Port Security
Port SecurityPort Security
Port SecurityNetProtocol Xpert
 
Telnet & SSH
Telnet & SSH Telnet & SSH
Telnet & SSH NetProtocol Xpert
 
Subnetting a class_c_address
Subnetting a class_c_addressSubnetting a class_c_address
Subnetting a class_c_addressrizwanaabassi
 
Static Routing
Static RoutingStatic Routing
Static RoutingKishore Kumar
 
Kamailio - Secure Communication
Kamailio - Secure CommunicationKamailio - Secure Communication
Kamailio - Secure CommunicationDaniel-Constantin Mierla
 
Dns(Domain name system)
Dns(Domain name system)Dns(Domain name system)
Dns(Domain name system)Fâhém Ähmêd
 
Chapter 20 : access control lists
Chapter 20 : access control listsChapter 20 : access control lists
Chapter 20 : access control liststeknetir
 
Policy Based Routing
Policy Based RoutingPolicy Based Routing
Policy Based RoutingNetProtocol Xpert
 
CCNA Lab Guide
CCNA Lab GuideCCNA Lab Guide
CCNA Lab GuideSalachudin Emir
 
Chapter 10 - DHCP
Chapter 10 - DHCPChapter 10 - DHCP
Chapter 10 - DHCPYaser Rahmati
 
Juniper Bgp
Juniper BgpJuniper Bgp
Juniper BgpHussein Elmenshawy
 
Acl
AclAcl
AclRicardo Anchante
 
Vlsm
VlsmVlsm
VlsmComputer Hardware & Trouble shooting
 
Network Address Translation (NAT)
Network Address Translation (NAT)Network Address Translation (NAT)
Network Address Translation (NAT)Joud Khattab
 
Subnetting
SubnettingSubnetting
SubnettingKishore Kumar
 
Day 1 INTRODUCTION TO IOS AND CISCO ROUTERS
Day 1 INTRODUCTION TO IOS AND CISCO ROUTERSDay 1 INTRODUCTION TO IOS AND CISCO ROUTERS
Day 1 INTRODUCTION TO IOS AND CISCO ROUTERSanilinvns
 
CCNA part 7 acl
CCNA part 7 aclCCNA part 7 acl
CCNA part 7 aclSandeep Sharma IIMK Smart City,IoT,Bigdata,Cloud,BI,DW
 
Access control list
Access control listAccess control list
Access control listNarendra Kumar
 

Mais conteúdo relacionado

Mais procurados

Radius Protocol
Radius ProtocolRadius Protocol
Radius ProtocolNetwax Lab
 
Differences of the Cisco Operating Systems
Differences of the Cisco Operating SystemsDifferences of the Cisco Operating Systems
Differences of the Cisco Operating Systems美兰 曾
 
Subnetting a class_c_address
Subnetting a class_c_addressSubnetting a class_c_address
Subnetting a class_c_addressrizwanaabassi
 
Chapter 20 : access control lists
Chapter 20 : access control listsChapter 20 : access control lists
Chapter 20 : access control liststeknetir
 
Network Address Translation (NAT)
Network Address Translation (NAT)Network Address Translation (NAT)
Network Address Translation (NAT)Joud Khattab
 
Day 1 INTRODUCTION TO IOS AND CISCO ROUTERS
Day 1 INTRODUCTION TO IOS AND CISCO ROUTERSDay 1 INTRODUCTION TO IOS AND CISCO ROUTERS
Day 1 INTRODUCTION TO IOS AND CISCO ROUTERSanilinvns
 

Mais procurados (20)

Mpls concepts. Time to Certify
Mpls concepts. Time to CertifyMpls concepts. Time to Certify
Mpls concepts. Time to Certify
 
Radius Protocol
Radius ProtocolRadius Protocol
Radius Protocol
 
Differences of the Cisco Operating Systems
Differences of the Cisco Operating SystemsDifferences of the Cisco Operating Systems
Differences of the Cisco Operating Systems
 
CCNA
CCNACCNA
CCNA
 
Port Security
Port SecurityPort Security
Port Security
 
Telnet & SSH
Telnet & SSH Telnet & SSH
Telnet & SSH
 
Subnetting a class_c_address
Subnetting a class_c_addressSubnetting a class_c_address
Subnetting a class_c_address
 
Static Routing
Static RoutingStatic Routing
Static Routing
 
Kamailio - Secure Communication
Kamailio - Secure CommunicationKamailio - Secure Communication
Kamailio - Secure Communication
 
Dns(Domain name system)
Dns(Domain name system)Dns(Domain name system)
Dns(Domain name system)
 
Chapter 20 : access control lists
Chapter 20 : access control listsChapter 20 : access control lists
Chapter 20 : access control lists
 
Policy Based Routing
Policy Based RoutingPolicy Based Routing
Policy Based Routing
 
CCNA Lab Guide
CCNA Lab GuideCCNA Lab Guide
CCNA Lab Guide
 
Chapter 10 - DHCP
Chapter 10 - DHCPChapter 10 - DHCP
Chapter 10 - DHCP
 
Juniper Bgp
Juniper BgpJuniper Bgp
Juniper Bgp
 
Acl
AclAcl
Acl
 
Vlsm
VlsmVlsm
Vlsm
 
Network Address Translation (NAT)
Network Address Translation (NAT)Network Address Translation (NAT)
Network Address Translation (NAT)
 
Subnetting
SubnettingSubnetting
Subnetting
 
Day 1 INTRODUCTION TO IOS AND CISCO ROUTERS
Day 1 INTRODUCTION TO IOS AND CISCO ROUTERSDay 1 INTRODUCTION TO IOS AND CISCO ROUTERS
Day 1 INTRODUCTION TO IOS AND CISCO ROUTERS
 

Destaque

Uccn1003 -may09_-_lect09_-_access_control_list_acl_
Uccn1003 -may09_-_lect09_-_access_control_list_acl_Uccn1003 -may09_-_lect09_-_access_control_list_acl_
Uccn1003 -may09_-_lect09_-_access_control_list_acl_Shu Shin
 
Joomla Access Control List (ACL) at JoomlaDay London, UK #jduk11
Joomla Access Control List (ACL) at JoomlaDay London, UK #jduk11Joomla Access Control List (ACL) at JoomlaDay London, UK #jduk11
Joomla Access Control List (ACL) at JoomlaDay London, UK #jduk11Sander Potjer
 
CCNAv5 - S2: Chapter 9 Access Control Lists
CCNAv5 - S2: Chapter 9 Access Control ListsCCNAv5 - S2: Chapter 9 Access Control Lists
CCNAv5 - S2: Chapter 9 Access Control ListsVuz Dở Hơi
 
Authentication Technologies
Authentication TechnologiesAuthentication Technologies
Authentication TechnologiesNicholas Davis
 
CCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric Vanderburg
CCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric VanderburgCCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric Vanderburg
CCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric VanderburgEric Vanderburg
 
Operating system security
Operating system securityOperating system security
Operating system securityRachel Jeewa
 
Authentication(pswrd,token,certificate,biometric)
Authentication(pswrd,token,certificate,biometric)Authentication(pswrd,token,certificate,biometric)
Authentication(pswrd,token,certificate,biometric)Ali Raw
 
System protection in Operating System
System protection in Operating SystemSystem protection in Operating System
System protection in Operating Systemsohaildanish
 
Operating System Security
Operating System SecurityOperating System Security
Operating System SecurityRamesh Upadhaya
 
Operating system security
Operating system securityOperating system security
Operating system securitySarmad Makhdoom
 

Destaque (20)

CCNA part 7 acl
CCNA part 7 aclCCNA part 7 acl
CCNA part 7 acl
 
Access control list
Access control listAccess control list
Access control list
 
Uccn1003 -may09_-_lect09_-_access_control_list_acl_
Uccn1003 -may09_-_lect09_-_access_control_list_acl_Uccn1003 -may09_-_lect09_-_access_control_list_acl_
Uccn1003 -may09_-_lect09_-_access_control_list_acl_
 
Joomla Access Control List (ACL) at JoomlaDay London, UK #jduk11
Joomla Access Control List (ACL) at JoomlaDay London, UK #jduk11Joomla Access Control List (ACL) at JoomlaDay London, UK #jduk11
Joomla Access Control List (ACL) at JoomlaDay London, UK #jduk11
 
CCNAv5 - S2: Chapter 9 Access Control Lists
CCNAv5 - S2: Chapter 9 Access Control ListsCCNAv5 - S2: Chapter 9 Access Control Lists
CCNAv5 - S2: Chapter 9 Access Control Lists
 
Rip Update Timers
Rip Update TimersRip Update Timers
Rip Update Timers
 
Authentication Technologies
Authentication TechnologiesAuthentication Technologies
Authentication Technologies
 
Switching 2
Switching 2Switching 2
Switching 2
 
Authentication techniques
Authentication techniquesAuthentication techniques
Authentication techniques
 
CCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric Vanderburg
CCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric VanderburgCCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric Vanderburg
CCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric Vanderburg
 
Ccna training report
Ccna training reportCcna training report
Ccna training report
 
Dynamic Routing RIP
Dynamic Routing RIPDynamic Routing RIP
Dynamic Routing RIP
 
Dynamic routing protocols (CCNA)
Dynamic routing protocols (CCNA)Dynamic routing protocols (CCNA)
Dynamic routing protocols (CCNA)
 
Chapter 14 - Protection
Chapter 14 - ProtectionChapter 14 - Protection
Chapter 14 - Protection
 
Operating system security
Operating system securityOperating system security
Operating system security
 
Honeypot
Honeypot Honeypot
Honeypot
 
Authentication(pswrd,token,certificate,biometric)
Authentication(pswrd,token,certificate,biometric)Authentication(pswrd,token,certificate,biometric)
Authentication(pswrd,token,certificate,biometric)
 
System protection in Operating System
System protection in Operating SystemSystem protection in Operating System
System protection in Operating System
 
Operating System Security
Operating System SecurityOperating System Security
Operating System Security
 
Operating system security
Operating system securityOperating system security
Operating system security
 

Semelhante a Access control list 2

Addressing in networking (IP,MAC,Port addressing)
Addressing in networking (IP,MAC,Port addressing)Addressing in networking (IP,MAC,Port addressing)
Addressing in networking (IP,MAC,Port addressing)Geethu Jose
 
Securing management, control & data plane
Securing management, control & data planeSecuring management, control & data plane
Securing management, control & data planeNetProtocol Xpert
 
Network protocols and vulnerabilities
Network protocols and vulnerabilitiesNetwork protocols and vulnerabilities
Network protocols and vulnerabilitiesG Prachi
 
14 network tools
14 network tools14 network tools
14 network toolsShay Cohen
 
Ch2 ccna exploration 3 lan switching and wireless
Ch2 ccna exploration 3 lan switching and wirelessCh2 ccna exploration 3 lan switching and wireless
Ch2 ccna exploration 3 lan switching and wirelesskratos2424
 
Modul 5 access control list
Modul 5 access control listModul 5 access control list
Modul 5 access control listdiah risqiwati
 
CCNA 1 v6.0 Final Exam Answers Option B 2018
CCNA 1 v6.0 Final Exam Answers Option B 2018CCNA 1 v6.0 Final Exam Answers Option B 2018
CCNA 1 v6.0 Final Exam Answers Option B 2018Download Mipdfcom
 
Unit 2 - Internet Protocol Overview - IT
Unit 2 - Internet Protocol Overview - ITUnit 2 - Internet Protocol Overview - IT
Unit 2 - Internet Protocol Overview - ITDeepraj Bhujel
 
Practice exam #2
Practice exam #2Practice exam #2
Practice exam #2Kris Mofu
 
ACIT - CCNA Training Course Topic - Switch Stp ACIT
ACIT - CCNA Training Course Topic - Switch Stp ACITACIT - CCNA Training Course Topic - Switch Stp ACIT
ACIT - CCNA Training Course Topic - Switch Stp ACITSleek International
 
Guide to protecting networks - Eric Vanderburg
Guide to protecting networks - Eric VanderburgGuide to protecting networks - Eric Vanderburg
Guide to protecting networks - Eric VanderburgEric Vanderburg
 
Access List in Networks
Access List in NetworksAccess List in Networks
Access List in Networkswolverinetyagi
 
Network Design on cisco packet tracer 6.0
Network Design on cisco packet tracer 6.0Network Design on cisco packet tracer 6.0
Network Design on cisco packet tracer 6.0Saurav Pandey
 
Technical Overview of QUIC
Technical Overview of QUICTechnical Overview of QUIC
Technical Overview of QUICshigeki_ohtsu
 
06 fr technology-030420
06 fr technology-03042006 fr technology-030420
06 fr technology-030420jitendra Samal
 
Alu 9900 wng_nbi_v03
Alu 9900 wng_nbi_v03Alu 9900 wng_nbi_v03
Alu 9900 wng_nbi_v03navaidkhan
 

Semelhante a Access control list 2 (20)

Chapter10ccna
Chapter10ccnaChapter10ccna
Chapter10ccna
 
Addressing in networking (IP,MAC,Port addressing)
Addressing in networking (IP,MAC,Port addressing)Addressing in networking (IP,MAC,Port addressing)
Addressing in networking (IP,MAC,Port addressing)
 
Securing management, control & data plane
Securing management, control & data planeSecuring management, control & data plane
Securing management, control & data plane
 
Network protocols and vulnerabilities
Network protocols and vulnerabilitiesNetwork protocols and vulnerabilities
Network protocols and vulnerabilities
 
14 network tools
14 network tools14 network tools
14 network tools
 
Networking basics
Networking basicsNetworking basics
Networking basics
 
Firewalls
FirewallsFirewalls
Firewalls
 
Ch2 ccna exploration 3 lan switching and wireless
Ch2 ccna exploration 3 lan switching and wirelessCh2 ccna exploration 3 lan switching and wireless
Ch2 ccna exploration 3 lan switching and wireless
 
Modul 5 access control list
Modul 5 access control listModul 5 access control list
Modul 5 access control list
 
CCNA 1 v6.0 Final Exam Answers Option B 2018
CCNA 1 v6.0 Final Exam Answers Option B 2018CCNA 1 v6.0 Final Exam Answers Option B 2018
CCNA 1 v6.0 Final Exam Answers Option B 2018
 
Firewall
FirewallFirewall
Firewall
 
Unit 2 - Internet Protocol Overview - IT
Unit 2 - Internet Protocol Overview - ITUnit 2 - Internet Protocol Overview - IT
Unit 2 - Internet Protocol Overview - IT
 
Practice exam #2
Practice exam #2Practice exam #2
Practice exam #2
 
ACIT - CCNA Training Course Topic - Switch Stp ACIT
ACIT - CCNA Training Course Topic - Switch Stp ACITACIT - CCNA Training Course Topic - Switch Stp ACIT
ACIT - CCNA Training Course Topic - Switch Stp ACIT
 
Guide to protecting networks - Eric Vanderburg
Guide to protecting networks - Eric VanderburgGuide to protecting networks - Eric Vanderburg
Guide to protecting networks - Eric Vanderburg
 
Access List in Networks
Access List in NetworksAccess List in Networks
Access List in Networks
 
Network Design on cisco packet tracer 6.0
Network Design on cisco packet tracer 6.0Network Design on cisco packet tracer 6.0
Network Design on cisco packet tracer 6.0
 
Technical Overview of QUIC
Technical Overview of QUICTechnical Overview of QUIC
Technical Overview of QUIC
 
06 fr technology-030420
06 fr technology-03042006 fr technology-030420
06 fr technology-030420
 
Alu 9900 wng_nbi_v03
Alu 9900 wng_nbi_v03Alu 9900 wng_nbi_v03
Alu 9900 wng_nbi_v03
 

Mais de Kishore Kumar

Route Authentication
Route AuthenticationRoute Authentication
Route AuthenticationKishore Kumar
 
Recognizing security threats
Recognizing security threatsRecognizing security threats
Recognizing security threatsKishore Kumar
 
Ccna simulation exam practice guide
Ccna simulation exam practice guideCcna simulation exam practice guide
Ccna simulation exam practice guideKishore Kumar
 
Internal & External of Routers
Internal & External of RoutersInternal & External of Routers
Internal & External of RoutersKishore Kumar
 
Integrated Service Digital Network
Integrated Service Digital NetworkIntegrated Service Digital Network
Integrated Service Digital NetworkKishore Kumar
 
Initial Configuration of Router
Initial Configuration of RouterInitial Configuration of Router
Initial Configuration of RouterKishore Kumar
 
Multi Static Routng & Default Routing
Multi Static Routng & Default RoutingMulti Static Routng & Default Routing
Multi Static Routng & Default RoutingKishore Kumar
 

Mais de Kishore Kumar (20)

Switching Types
Switching TypesSwitching Types
Switching Types
 
Switching Types
Switching TypesSwitching Types
Switching Types
 
Route Authentication
Route AuthenticationRoute Authentication
Route Authentication
 
Recognizing security threats
Recognizing security threatsRecognizing security threats
Recognizing security threats
 
Ccna simulation exam practice guide
Ccna simulation exam practice guideCcna simulation exam practice guide
Ccna simulation exam practice guide
 
RIP Update Timers
RIP Update TimersRIP Update Timers
RIP Update Timers
 
Password Recovery
Password RecoveryPassword Recovery
Password Recovery
 
OSPF 3
OSPF 3OSPF 3
OSPF 3
 
OSPF 2
OSPF 2OSPF 2
OSPF 2
 
Ip addressing
Ip addressingIp addressing
Ip addressing
 
Internal & External of Routers
Internal & External of RoutersInternal & External of Routers
Internal & External of Routers
 
Integrated Service Digital Network
Integrated Service Digital NetworkIntegrated Service Digital Network
Integrated Service Digital Network
 
Initial Configuration of Router
Initial Configuration of RouterInitial Configuration of Router
Initial Configuration of Router
 
Frame Relay
Frame RelayFrame Relay
Frame Relay
 
Multi Static Routng & Default Routing
Multi Static Routng & Default RoutingMulti Static Routng & Default Routing
Multi Static Routng & Default Routing
 
OSI Layers
OSI LayersOSI Layers
OSI Layers
 
Password Recovery
Password RecoveryPassword Recovery
Password Recovery
 
OSPF 3
OSPF 3OSPF 3
OSPF 3
 
OSPF 2
OSPF 2OSPF 2
OSPF 2
 
IP Addressing
IP AddressingIP Addressing
IP Addressing
 

Último

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 

Último (20)

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 

Access control list 2

  • 1. 1
  • 2. Access Control List • It is a Layer 3 security which controls the flow of traffic from one router to another. • It is also called as Packet Filtering Firewall. 2
  • 3. ACL - Network Diagram 10.0.0.1/8 S0 HYD 11.0.0.1/8 S0 S1 10.0.0.2/8 E0 192.168.1.150/24 1.1 1.2 1.3 LAN - 192.168.1.0/24 2.1 CHE S1 11.0.0.2/8 E0 192.168.2.150/24 2.2 2.3 LAN - 192.168.2.0/24 3.1 BAN E0 192.168.3.150/2 3.2 3.3 LAN - 192.168.3.0/24 1.0 should not communicate with 2.0 network 3 1.0 should not communicate with 2.0 network
  • 4. Types of Access-list • Standard ACL • Extended ACL • Named ACL 4
  • 5. Standard Access List • The access-list number lies between 1 – 99 • Can block a Network, Host and Subnet • Two way communication is stopped • All services are blocked. • Implemented closest to the destination. (Guideline) 5
  • 6. Extended Access List • The access-list number lies between 100 – 199 • Can block a Network, Host, Subnet and Service • One way communication is stopped • Selected services can be blocked. • Implemented closest to the source. (Guideline) 6
  • 7. Terminology • Deny : Blocking a Network/Host/Subnet/Service • Permit : Allowing a Network/Host/Subnet/Service • Source Address : The address of the PC from where the request starts. Show Diagram • Destination address : The address of the PC where the request ends. • Inbound : Traffic coming into the interface • Outbound : Traffic going out of the interface 7
  • 8. Terminology • Protocols : IP - TCP - UDP - ICMP • Operators : eq (equal to) neq (not equal to) lt (less than) gt (greater than) • Services : HTTP, FTP, TELNET, DNS, DHCP etc.. 8
  • 9. Wild Card Mask • Tells the router which addressing bits must match in the address of the ACL statement. • It’s the inverse of the subnet mask, hence is also called as Inverse mask. • A bit value of 0 indicates MUST MATCH (Check Bits) • A bit value of 1 indicates IGNORE (Ignore Bits) • Wild Card Mask for a Host will be always 0.0.0.0 9
  • 10. Wild Card Mask • A wild card mask can be calculated using the formula : Global Subnet Mask – Customized Subnet Mask ------------------------------Wild Card Mask E.g. 255.255.255.255 – 255.255.255.240 --------------------0. 0. 0. 15 10
  • 11. 11
  • 12. ACL - Network Diagram 10.0.0.1/8 S0 HYD 11.0.0.1/8 S0 S1 10.0.0.2/8 E0 192.168.1.150/24 1.1 1.2 1.3 LAN - 192.168.1.0/24 2.1 CHE S1 11.0.0.2/8 E0 192.168.2.150/24 2.2 2.3 LAN - 192.168.2.0/24 3.1 BAN E0 192.168.3.150/2 3.2 3.3 LAN - 192.168.3.0/24 1.0 should not communicate with 2.0 network 1.0 should not communicate with 2.0 network 12