SlideShare una empresa de Scribd logo

Access control list 2

Descargar como PPT, PDF
Kishore Kumar
Kishore Kumar
TecnologíaEmpresariales
1 de 12
1
Access Control List • It is a Layer 3 security which controls the flow of traffic from one router to another. • It is also called as Packet Filtering Firewall. 2
ACL - Network Diagram 10.0.0.1/8 S0 HYD 11.0.0.1/8 S0 S1 10.0.0.2/8 E0 192.168.1.150/24 1.1 1.2 1.3 LAN - 192.168.1.0/24 2.1 CHE S1 11.0.0.2/8 E0 192.168.2.150/24 2.2 2.3 LAN - 192.168.2.0/24 3.1 BAN E0 192.168.3.150/2 3.2 3.3 LAN - 192.168.3.0/24 1.0 should not communicate with 2.0 network 3 1.0 should not communicate with 2.0 network
Types of Access-list • Standard ACL • Extended ACL • Named ACL 4
Standard Access List • The access-list number lies between 1 – 99 • Can block a Network, Host and Subnet • Two way communication is stopped • All services are blocked. • Implemented closest to the destination. (Guideline) 5
Extended Access List • The access-list number lies between 100 – 199 • Can block a Network, Host, Subnet and Service • One way communication is stopped • Selected services can be blocked. • Implemented closest to the source. (Guideline) 6
Terminology • Deny : Blocking a Network/Host/Subnet/Service • Permit : Allowing a Network/Host/Subnet/Service • Source Address : The address of the PC from where the request starts. Show Diagram • Destination address : The address of the PC where the request ends. • Inbound : Traffic coming into the interface • Outbound : Traffic going out of the interface 7
Terminology • Protocols : IP - TCP - UDP - ICMP • Operators : eq (equal to) neq (not equal to) lt (less than) gt (greater than) • Services : HTTP, FTP, TELNET, DNS, DHCP etc.. 8
Wild Card Mask • Tells the router which addressing bits must match in the address of the ACL statement. • It’s the inverse of the subnet mask, hence is also called as Inverse mask. • A bit value of 0 indicates MUST MATCH (Check Bits) • A bit value of 1 indicates IGNORE (Ignore Bits) • Wild Card Mask for a Host will be always 0.0.0.0 9
Wild Card Mask • A wild card mask can be calculated using the formula : Global Subnet Mask – Customized Subnet Mask ------------------------------Wild Card Mask E.g. 255.255.255.255 – 255.255.255.240 --------------------0. 0. 0. 15 10
11
ACL - Network Diagram 10.0.0.1/8 S0 HYD 11.0.0.1/8 S0 S1 10.0.0.2/8 E0 192.168.1.150/24 1.1 1.2 1.3 LAN - 192.168.1.0/24 2.1 CHE S1 11.0.0.2/8 E0 192.168.2.150/24 2.2 2.3 LAN - 192.168.2.0/24 3.1 BAN E0 192.168.3.150/2 3.2 3.3 LAN - 192.168.3.0/24 1.0 should not communicate with 2.0 network 1.0 should not communicate with 2.0 network 12

Recomendados

Access Control List 1
Access Control List 1Access Control List 1
Access Control List 1Kishore Kumar
 
Static Routing
Static RoutingStatic Routing
Static RoutingSachii Dosti
 
Physical layer OSI Model & Transmission Media
Physical layer OSI Model & Transmission MediaPhysical layer OSI Model & Transmission Media
Physical layer OSI Model & Transmission MediaMukesh Chinta
 
GRE Tunnel Configuration
GRE Tunnel ConfigurationGRE Tunnel Configuration
GRE Tunnel ConfigurationNetProtocol Xpert
 
Chapter 8 - IP Subnetting, Troubleshooting and Introduction to NAT 9e
Chapter 8 - IP Subnetting, Troubleshooting and Introduction to NAT 9eChapter 8 - IP Subnetting, Troubleshooting and Introduction to NAT 9e
Chapter 8 - IP Subnetting, Troubleshooting and Introduction to NAT 9eadpeer
 
Cisco ospf
Cisco ospf Cisco ospf
Cisco ospf sarasanandam
 
Connect Laptop/PC to Router Console Port
Connect Laptop/PC to Router Console Port Connect Laptop/PC to Router Console Port
Connect Laptop/PC to Router Console Port Yaser Rahmati
 
Hot standby router protocol (hsrp) using
Hot standby router protocol (hsrp) usingHot standby router protocol (hsrp) using
Hot standby router protocol (hsrp) usingShubhiGupta94
 

Recomendados

Access Control List 1
Access Control List 1Access Control List 1
Access Control List 1Kishore Kumar
 
Static Routing
Static RoutingStatic Routing
Static RoutingSachii Dosti
 
Physical layer OSI Model & Transmission Media
Physical layer OSI Model & Transmission MediaPhysical layer OSI Model & Transmission Media
Physical layer OSI Model & Transmission MediaMukesh Chinta
 
GRE Tunnel Configuration
GRE Tunnel ConfigurationGRE Tunnel Configuration
GRE Tunnel ConfigurationNetProtocol Xpert
 
Chapter 8 - IP Subnetting, Troubleshooting and Introduction to NAT 9e
Chapter 8 - IP Subnetting, Troubleshooting and Introduction to NAT 9eChapter 8 - IP Subnetting, Troubleshooting and Introduction to NAT 9e
Chapter 8 - IP Subnetting, Troubleshooting and Introduction to NAT 9eadpeer
 
Cisco ospf
Cisco ospf Cisco ospf
Cisco ospf sarasanandam
 
Connect Laptop/PC to Router Console Port
Connect Laptop/PC to Router Console Port Connect Laptop/PC to Router Console Port
Connect Laptop/PC to Router Console Port Yaser Rahmati
 
Hot standby router protocol (hsrp) using
Hot standby router protocol (hsrp) usingHot standby router protocol (hsrp) using
Hot standby router protocol (hsrp) usingShubhiGupta94
 
Ccnp workbook network bulls
Ccnp workbook network bullsCcnp workbook network bulls
Ccnp workbook network bullsSwapnil Kapate
 
OSPF Basics
OSPF BasicsOSPF Basics
OSPF BasicsMartin Bratina
 
GRE (Generic Routing Encapsulation)
GRE (Generic Routing Encapsulation)GRE (Generic Routing Encapsulation)
GRE (Generic Routing Encapsulation)NetProtocol Xpert
 
Makalah Routing Dynamic
Makalah Routing DynamicMakalah Routing Dynamic
Makalah Routing DynamicRezi Fenorita
 
Routing
RoutingRouting
RoutingSaima Azam
 
Ospf
OspfOspf
OspfAlp isik
 
Sdn presentation
Sdn presentation Sdn presentation
Sdn presentation Frikha Nour
 
BGP (border gateway routing protocol)
BGP (border gateway routing protocol)BGP (border gateway routing protocol)
BGP (border gateway routing protocol)Netwax Lab
 
ccna summer training ppt ( Cisco certified network analysis) ppt. by Traun k...
ccna summer training ppt ( Cisco certified network analysis) ppt. by Traun k...ccna summer training ppt ( Cisco certified network analysis) ppt. by Traun k...
ccna summer training ppt ( Cisco certified network analysis) ppt. by Traun k...Tarun Khaneja
 
CCNA SUMMER TRAINNING PPT
CCNA SUMMER TRAINNING PPTCCNA SUMMER TRAINNING PPT
CCNA SUMMER TRAINNING PPTNishant Goel
 
Access Control List & its Types
Access Control List & its TypesAccess Control List & its Types
Access Control List & its TypesNetwax Lab
 
CCNA Basic Switching and Switch Configuration
CCNA Basic Switching and Switch ConfigurationCCNA Basic Switching and Switch Configuration
CCNA Basic Switching and Switch ConfigurationDsunte Wilson
 
Open shortest path first (ospf)
Open shortest path first (ospf)Open shortest path first (ospf)
Open shortest path first (ospf)Respa Peter
 
EtherChannel Configuration
EtherChannel ConfigurationEtherChannel Configuration
EtherChannel ConfigurationNetProtocol Xpert
 
Chapter 3 vlans
Chapter 3 vlansChapter 3 vlans
Chapter 3 vlanskratos2424
 
Computer networking
Computer networkingComputer networking
Computer networkingMaulik Togadiya
 
2 g data call flow
2 g data call flow2 g data call flow
2 g data call flowAlfred Ongere
 
CCNA PPT
CCNA PPTCCNA PPT
CCNA PPTAIRTEL
 
Cisco ospf
Cisco ospf Cisco ospf
Cisco ospf sarasanandam
 
Simplified Call Flow Signaling: 2G/3G Voice Call
Simplified Call Flow Signaling: 2G/3G Voice CallSimplified Call Flow Signaling: 2G/3G Voice Call
Simplified Call Flow Signaling: 2G/3G Voice Call3G4G
 
Cisco ACL
Cisco ACLCisco ACL
Cisco ACLfaust0
 
CCNA part 7 acl
CCNA part 7 aclCCNA part 7 acl
CCNA part 7 aclSandeep Sharma IIMK Smart City,IoT,Bigdata,Cloud,BI,DW
 

Más contenido relacionado

La actualidad más candente

Ccnp workbook network bulls
Ccnp workbook network bullsCcnp workbook network bulls
Ccnp workbook network bullsSwapnil Kapate
 
GRE (Generic Routing Encapsulation)
GRE (Generic Routing Encapsulation)GRE (Generic Routing Encapsulation)
GRE (Generic Routing Encapsulation)NetProtocol Xpert
 
Makalah Routing Dynamic
Makalah Routing DynamicMakalah Routing Dynamic
Makalah Routing DynamicRezi Fenorita
 
Sdn presentation
Sdn presentation Sdn presentation
Sdn presentation Frikha Nour
 
BGP (border gateway routing protocol)
BGP (border gateway routing protocol)BGP (border gateway routing protocol)
BGP (border gateway routing protocol)Netwax Lab
 
ccna summer training ppt ( Cisco certified network analysis) ppt. by Traun k...
ccna summer training ppt ( Cisco certified network analysis) ppt. by Traun k...ccna summer training ppt ( Cisco certified network analysis) ppt. by Traun k...
ccna summer training ppt ( Cisco certified network analysis) ppt. by Traun k...Tarun Khaneja
 
CCNA SUMMER TRAINNING PPT
CCNA SUMMER TRAINNING PPTCCNA SUMMER TRAINNING PPT
CCNA SUMMER TRAINNING PPTNishant Goel
 
Access Control List & its Types
Access Control List & its TypesAccess Control List & its Types
Access Control List & its TypesNetwax Lab
 
CCNA Basic Switching and Switch Configuration
CCNA Basic Switching and Switch ConfigurationCCNA Basic Switching and Switch Configuration
CCNA Basic Switching and Switch ConfigurationDsunte Wilson
 
Open shortest path first (ospf)
Open shortest path first (ospf)Open shortest path first (ospf)
Open shortest path first (ospf)Respa Peter
 
Chapter 3 vlans
Chapter 3 vlansChapter 3 vlans
Chapter 3 vlanskratos2424
 
CCNA PPT
CCNA PPTCCNA PPT
CCNA PPTAIRTEL
 
Simplified Call Flow Signaling: 2G/3G Voice Call
Simplified Call Flow Signaling: 2G/3G Voice CallSimplified Call Flow Signaling: 2G/3G Voice Call
Simplified Call Flow Signaling: 2G/3G Voice Call3G4G
 

La actualidad más candente (20)

Ccnp workbook network bulls
Ccnp workbook network bullsCcnp workbook network bulls
Ccnp workbook network bulls
 
OSPF Basics
OSPF BasicsOSPF Basics
OSPF Basics
 
GRE (Generic Routing Encapsulation)
GRE (Generic Routing Encapsulation)GRE (Generic Routing Encapsulation)
GRE (Generic Routing Encapsulation)
 
Makalah Routing Dynamic
Makalah Routing DynamicMakalah Routing Dynamic
Makalah Routing Dynamic
 
Routing
RoutingRouting
Routing
 
Ospf
OspfOspf
Ospf
 
Sdn presentation
Sdn presentation Sdn presentation
Sdn presentation
 
BGP (border gateway routing protocol)
BGP (border gateway routing protocol)BGP (border gateway routing protocol)
BGP (border gateway routing protocol)
 
ccna summer training ppt ( Cisco certified network analysis) ppt. by Traun k...
ccna summer training ppt ( Cisco certified network analysis) ppt. by Traun k...ccna summer training ppt ( Cisco certified network analysis) ppt. by Traun k...
ccna summer training ppt ( Cisco certified network analysis) ppt. by Traun k...
 
CCNA SUMMER TRAINNING PPT
CCNA SUMMER TRAINNING PPTCCNA SUMMER TRAINNING PPT
CCNA SUMMER TRAINNING PPT
 
Access Control List & its Types
Access Control List & its TypesAccess Control List & its Types
Access Control List & its Types
 
CCNA Basic Switching and Switch Configuration
CCNA Basic Switching and Switch ConfigurationCCNA Basic Switching and Switch Configuration
CCNA Basic Switching and Switch Configuration
 
Open shortest path first (ospf)
Open shortest path first (ospf)Open shortest path first (ospf)
Open shortest path first (ospf)
 
EtherChannel Configuration
EtherChannel ConfigurationEtherChannel Configuration
EtherChannel Configuration
 
Chapter 3 vlans
Chapter 3 vlansChapter 3 vlans
Chapter 3 vlans
 
Computer networking
Computer networkingComputer networking
Computer networking
 
2 g data call flow
2 g data call flow2 g data call flow
2 g data call flow
 
CCNA PPT
CCNA PPTCCNA PPT
CCNA PPT
 
Cisco ospf
Cisco ospf Cisco ospf
Cisco ospf
 
Simplified Call Flow Signaling: 2G/3G Voice Call
Simplified Call Flow Signaling: 2G/3G Voice CallSimplified Call Flow Signaling: 2G/3G Voice Call
Simplified Call Flow Signaling: 2G/3G Voice Call
 

Destacado

Cisco ACL
Cisco ACLCisco ACL
Cisco ACLfaust0
 
Uccn1003 -may09_-_lect09_-_access_control_list_acl_
Uccn1003 -may09_-_lect09_-_access_control_list_acl_Uccn1003 -may09_-_lect09_-_access_control_list_acl_
Uccn1003 -may09_-_lect09_-_access_control_list_acl_Shu Shin
 
Joomla Access Control List (ACL) at JoomlaDay London, UK #jduk11
Joomla Access Control List (ACL) at JoomlaDay London, UK #jduk11Joomla Access Control List (ACL) at JoomlaDay London, UK #jduk11
Joomla Access Control List (ACL) at JoomlaDay London, UK #jduk11Sander Potjer
 
CCNAv5 - S2: Chapter 9 Access Control Lists
CCNAv5 - S2: Chapter 9 Access Control ListsCCNAv5 - S2: Chapter 9 Access Control Lists
CCNAv5 - S2: Chapter 9 Access Control ListsVuz Dở Hơi
 
Authentication Technologies
Authentication TechnologiesAuthentication Technologies
Authentication TechnologiesNicholas Davis
 
CCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric Vanderburg
CCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric VanderburgCCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric Vanderburg
CCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric VanderburgEric Vanderburg
 
Operating system security
Operating system securityOperating system security
Operating system securityRachel Jeewa
 
Authentication(pswrd,token,certificate,biometric)
Authentication(pswrd,token,certificate,biometric)Authentication(pswrd,token,certificate,biometric)
Authentication(pswrd,token,certificate,biometric)Ali Raw
 
System protection in Operating System
System protection in Operating SystemSystem protection in Operating System
System protection in Operating Systemsohaildanish
 

Destacado (20)

Cisco ACL
Cisco ACLCisco ACL
Cisco ACL
 
CCNA part 7 acl
CCNA part 7 aclCCNA part 7 acl
CCNA part 7 acl
 
Access control list
Access control listAccess control list
Access control list
 
Uccn1003 -may09_-_lect09_-_access_control_list_acl_
Uccn1003 -may09_-_lect09_-_access_control_list_acl_Uccn1003 -may09_-_lect09_-_access_control_list_acl_
Uccn1003 -may09_-_lect09_-_access_control_list_acl_
 
Joomla Access Control List (ACL) at JoomlaDay London, UK #jduk11
Joomla Access Control List (ACL) at JoomlaDay London, UK #jduk11Joomla Access Control List (ACL) at JoomlaDay London, UK #jduk11
Joomla Access Control List (ACL) at JoomlaDay London, UK #jduk11
 
CCNAv5 - S2: Chapter 9 Access Control Lists
CCNAv5 - S2: Chapter 9 Access Control ListsCCNAv5 - S2: Chapter 9 Access Control Lists
CCNAv5 - S2: Chapter 9 Access Control Lists
 
Rip Update Timers
Rip Update TimersRip Update Timers
Rip Update Timers
 
Authentication Technologies
Authentication TechnologiesAuthentication Technologies
Authentication Technologies
 
Switching 2
Switching 2Switching 2
Switching 2
 
Authentication techniques
Authentication techniquesAuthentication techniques
Authentication techniques
 
CCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric Vanderburg
CCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric VanderburgCCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric Vanderburg
CCNA Routing and Switching Lessons 08-09 - Routing Protocols - Eric Vanderburg
 
Ccna training report
Ccna training reportCcna training report
Ccna training report
 
Dynamic Routing RIP
Dynamic Routing RIPDynamic Routing RIP
Dynamic Routing RIP
 
Static Routing
Static RoutingStatic Routing
Static Routing
 
Dynamic routing protocols (CCNA)
Dynamic routing protocols (CCNA)Dynamic routing protocols (CCNA)
Dynamic routing protocols (CCNA)
 
Chapter 14 - Protection
Chapter 14 - ProtectionChapter 14 - Protection
Chapter 14 - Protection
 
Operating system security
Operating system securityOperating system security
Operating system security
 
Honeypot
Honeypot Honeypot
Honeypot
 
Authentication(pswrd,token,certificate,biometric)
Authentication(pswrd,token,certificate,biometric)Authentication(pswrd,token,certificate,biometric)
Authentication(pswrd,token,certificate,biometric)
 
System protection in Operating System
System protection in Operating SystemSystem protection in Operating System
System protection in Operating System
 

Similar a Access control list 2

Addressing in networking (IP,MAC,Port addressing)
Addressing in networking (IP,MAC,Port addressing)Addressing in networking (IP,MAC,Port addressing)
Addressing in networking (IP,MAC,Port addressing)Geethu Jose
 
Access Control List (ACL)
Access Control List (ACL)Access Control List (ACL)
Access Control List (ACL)ISMT College
 
Securing management, control & data plane
Securing management, control & data planeSecuring management, control & data plane
Securing management, control & data planeNetProtocol Xpert
 
Network protocols and vulnerabilities
Network protocols and vulnerabilitiesNetwork protocols and vulnerabilities
Network protocols and vulnerabilitiesG Prachi
 
14 network tools
14 network tools14 network tools
14 network toolsShay Cohen
 
Ch2 ccna exploration 3 lan switching and wireless
Ch2 ccna exploration 3 lan switching and wirelessCh2 ccna exploration 3 lan switching and wireless
Ch2 ccna exploration 3 lan switching and wirelesskratos2424
 
Modul 5 access control list
Modul 5 access control listModul 5 access control list
Modul 5 access control listdiah risqiwati
 
CCNA 1 v6.0 Final Exam Answers Option B 2018
CCNA 1 v6.0 Final Exam Answers Option B 2018CCNA 1 v6.0 Final Exam Answers Option B 2018
CCNA 1 v6.0 Final Exam Answers Option B 2018Download Mipdfcom
 
Unit 2 - Internet Protocol Overview - IT
Unit 2 - Internet Protocol Overview - ITUnit 2 - Internet Protocol Overview - IT
Unit 2 - Internet Protocol Overview - ITDeepraj Bhujel
 
Practice exam #2
Practice exam #2Practice exam #2
Practice exam #2Kris Mofu
 
ACIT - CCNA Training Course Topic - Switch Stp ACIT
ACIT - CCNA Training Course Topic - Switch Stp ACITACIT - CCNA Training Course Topic - Switch Stp ACIT
ACIT - CCNA Training Course Topic - Switch Stp ACITSleek International
 
Guide to protecting networks - Eric Vanderburg
Guide to protecting networks - Eric VanderburgGuide to protecting networks - Eric Vanderburg
Guide to protecting networks - Eric VanderburgEric Vanderburg
 
Access List in Networks
Access List in NetworksAccess List in Networks
Access List in Networkswolverinetyagi
 
Network Design on cisco packet tracer 6.0
Network Design on cisco packet tracer 6.0Network Design on cisco packet tracer 6.0
Network Design on cisco packet tracer 6.0Saurav Pandey
 

Similar a Access control list 2 (20)

Acl
AclAcl
Acl
 
Chapter10ccna
Chapter10ccnaChapter10ccna
Chapter10ccna
 
Addressing in networking (IP,MAC,Port addressing)
Addressing in networking (IP,MAC,Port addressing)Addressing in networking (IP,MAC,Port addressing)
Addressing in networking (IP,MAC,Port addressing)
 
Access Control List (ACL)
Access Control List (ACL)Access Control List (ACL)
Access Control List (ACL)
 
CCNA
CCNACCNA
CCNA
 
Securing management, control & data plane
Securing management, control & data planeSecuring management, control & data plane
Securing management, control & data plane
 
Network protocols and vulnerabilities
Network protocols and vulnerabilitiesNetwork protocols and vulnerabilities
Network protocols and vulnerabilities
 
14 network tools
14 network tools14 network tools
14 network tools
 
Networking basics
Networking basicsNetworking basics
Networking basics
 
Firewalls
FirewallsFirewalls
Firewalls
 
Ch2 ccna exploration 3 lan switching and wireless
Ch2 ccna exploration 3 lan switching and wirelessCh2 ccna exploration 3 lan switching and wireless
Ch2 ccna exploration 3 lan switching and wireless
 
Modul 5 access control list
Modul 5 access control listModul 5 access control list
Modul 5 access control list
 
CCNA 1 v6.0 Final Exam Answers Option B 2018
CCNA 1 v6.0 Final Exam Answers Option B 2018CCNA 1 v6.0 Final Exam Answers Option B 2018
CCNA 1 v6.0 Final Exam Answers Option B 2018
 
Firewall
FirewallFirewall
Firewall
 
Unit 2 - Internet Protocol Overview - IT
Unit 2 - Internet Protocol Overview - ITUnit 2 - Internet Protocol Overview - IT
Unit 2 - Internet Protocol Overview - IT
 
Practice exam #2
Practice exam #2Practice exam #2
Practice exam #2
 
ACIT - CCNA Training Course Topic - Switch Stp ACIT
ACIT - CCNA Training Course Topic - Switch Stp ACITACIT - CCNA Training Course Topic - Switch Stp ACIT
ACIT - CCNA Training Course Topic - Switch Stp ACIT
 
Guide to protecting networks - Eric Vanderburg
Guide to protecting networks - Eric VanderburgGuide to protecting networks - Eric Vanderburg
Guide to protecting networks - Eric Vanderburg
 
Access List in Networks
Access List in NetworksAccess List in Networks
Access List in Networks
 
Network Design on cisco packet tracer 6.0
Network Design on cisco packet tracer 6.0Network Design on cisco packet tracer 6.0
Network Design on cisco packet tracer 6.0
 

Más de Kishore Kumar

Route Authentication
Route AuthenticationRoute Authentication
Route AuthenticationKishore Kumar
 
Recognizing security threats
Recognizing security threatsRecognizing security threats
Recognizing security threatsKishore Kumar
 
Ccna simulation exam practice guide
Ccna simulation exam practice guideCcna simulation exam practice guide
Ccna simulation exam practice guideKishore Kumar
 
Internal & External of Routers
Internal & External of RoutersInternal & External of Routers
Internal & External of RoutersKishore Kumar
 
Integrated Service Digital Network
Integrated Service Digital NetworkIntegrated Service Digital Network
Integrated Service Digital NetworkKishore Kumar
 
Initial Configuration of Router
Initial Configuration of RouterInitial Configuration of Router
Initial Configuration of RouterKishore Kumar
 
Multi Static Routng & Default Routing
Multi Static Routng & Default RoutingMulti Static Routng & Default Routing
Multi Static Routng & Default RoutingKishore Kumar
 

Más de Kishore Kumar (20)

Switching Types
Switching TypesSwitching Types
Switching Types
 
Switching Types
Switching TypesSwitching Types
Switching Types
 
Route Authentication
Route AuthenticationRoute Authentication
Route Authentication
 
Recognizing security threats
Recognizing security threatsRecognizing security threats
Recognizing security threats
 
Ccna simulation exam practice guide
Ccna simulation exam practice guideCcna simulation exam practice guide
Ccna simulation exam practice guide
 
RIP Update Timers
RIP Update TimersRIP Update Timers
RIP Update Timers
 
Password Recovery
Password RecoveryPassword Recovery
Password Recovery
 
OSPF 3
OSPF 3OSPF 3
OSPF 3
 
OSPF 2
OSPF 2OSPF 2
OSPF 2
 
Ip addressing
Ip addressingIp addressing
Ip addressing
 
Internal & External of Routers
Internal & External of RoutersInternal & External of Routers
Internal & External of Routers
 
Integrated Service Digital Network
Integrated Service Digital NetworkIntegrated Service Digital Network
Integrated Service Digital Network
 
Initial Configuration of Router
Initial Configuration of RouterInitial Configuration of Router
Initial Configuration of Router
 
Frame Relay
Frame RelayFrame Relay
Frame Relay
 
Multi Static Routng & Default Routing
Multi Static Routng & Default RoutingMulti Static Routng & Default Routing
Multi Static Routng & Default Routing
 
OSI Layers
OSI LayersOSI Layers
OSI Layers
 
Password Recovery
Password RecoveryPassword Recovery
Password Recovery
 
OSPF 3
OSPF 3OSPF 3
OSPF 3
 
OSPF 2
OSPF 2OSPF 2
OSPF 2
 
IP Addressing
IP AddressingIP Addressing
IP Addressing
 

Último

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024The Digital Insurer
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024The Digital Insurer
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 

Último (20)

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 

Access control list 2

  • 1. 1
  • 2. Access Control List • It is a Layer 3 security which controls the flow of traffic from one router to another. • It is also called as Packet Filtering Firewall. 2
  • 3. ACL - Network Diagram 10.0.0.1/8 S0 HYD 11.0.0.1/8 S0 S1 10.0.0.2/8 E0 192.168.1.150/24 1.1 1.2 1.3 LAN - 192.168.1.0/24 2.1 CHE S1 11.0.0.2/8 E0 192.168.2.150/24 2.2 2.3 LAN - 192.168.2.0/24 3.1 BAN E0 192.168.3.150/2 3.2 3.3 LAN - 192.168.3.0/24 1.0 should not communicate with 2.0 network 3 1.0 should not communicate with 2.0 network
  • 4. Types of Access-list • Standard ACL • Extended ACL • Named ACL 4
  • 5. Standard Access List • The access-list number lies between 1 – 99 • Can block a Network, Host and Subnet • Two way communication is stopped • All services are blocked. • Implemented closest to the destination. (Guideline) 5
  • 6. Extended Access List • The access-list number lies between 100 – 199 • Can block a Network, Host, Subnet and Service • One way communication is stopped • Selected services can be blocked. • Implemented closest to the source. (Guideline) 6
  • 7. Terminology • Deny : Blocking a Network/Host/Subnet/Service • Permit : Allowing a Network/Host/Subnet/Service • Source Address : The address of the PC from where the request starts. Show Diagram • Destination address : The address of the PC where the request ends. • Inbound : Traffic coming into the interface • Outbound : Traffic going out of the interface 7
  • 8. Terminology • Protocols : IP - TCP - UDP - ICMP • Operators : eq (equal to) neq (not equal to) lt (less than) gt (greater than) • Services : HTTP, FTP, TELNET, DNS, DHCP etc.. 8
  • 9. Wild Card Mask • Tells the router which addressing bits must match in the address of the ACL statement. • It’s the inverse of the subnet mask, hence is also called as Inverse mask. • A bit value of 0 indicates MUST MATCH (Check Bits) • A bit value of 1 indicates IGNORE (Ignore Bits) • Wild Card Mask for a Host will be always 0.0.0.0 9
  • 10. Wild Card Mask • A wild card mask can be calculated using the formula : Global Subnet Mask – Customized Subnet Mask ------------------------------Wild Card Mask E.g. 255.255.255.255 – 255.255.255.240 --------------------0. 0. 0. 15 10
  • 11. 11
  • 12. ACL - Network Diagram 10.0.0.1/8 S0 HYD 11.0.0.1/8 S0 S1 10.0.0.2/8 E0 192.168.1.150/24 1.1 1.2 1.3 LAN - 192.168.1.0/24 2.1 CHE S1 11.0.0.2/8 E0 192.168.2.150/24 2.2 2.3 LAN - 192.168.2.0/24 3.1 BAN E0 192.168.3.150/2 3.2 3.3 LAN - 192.168.3.0/24 1.0 should not communicate with 2.0 network 1.0 should not communicate with 2.0 network 12