What specific name is given to describe a security policy based on access control lists?


An access control list is a list of permission rights used to assign roles and responsibilities.

  • Access Control List Definition

    An access control list includes a set of rules used to assign permissions or grant different levels of access to files and business-critical information.

  • Why use an ACL?

    Organizations can use access control lists (ACL) to secure data. One of the major reasons to use access control lists is to restrict unauthorized users from accessing business-sensitive information. It can also be used to control network traffic by limiting the number of users accessing files, systems, and information. This increases network performance and helps protect business information.

    Advantages of using an ACL:

    • Help enhance network performance by limiting network traffic
    • Provide security by defining permission and access rights
    • Offer granular control over the traffic flow entering the network

    You can also use network configuration tools to help you manage complex access control lists. Using these tools, you can streamline ACLs and save CPU and memory on your devices. Configuration tools also allow you to identify and investigate unnecessary or redundant rules that can be removed from ACLs.

  • What are the components of an ACL?

    When defining an ACL entry, you need several pieces of information, known as the components of the ACL, which include:

    • Sequence number: A sequence number is the code that identifies an ACL entry.
    • ACL name: Instead of using a sequence number, you can also use an ACL name to identify an ACL entry. Many routers allow you to create names with a combination of letters and numbers.
    • Remark: Some routers allow you to add comments or detailed descriptions, known as remarks, to an ACL.
    • Network protocol: You can grant permission or deny access to different network protocols such as IP, TCP, UDP, IPX, and more based on access control rules or protocol-specific parameters.
    • Log: Logging-enabled access control lists provide in-depth insights into incoming and outgoing network traffic.
    • Statement: You can add permit or deny statements and set them as default. These statements are visible when a specific source is denied or permitted based on the address.
    • Source or Destination: It’s important to define a source or destination of an IP to determine its permissions and access rights based on specific ACLs.
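
The components above, and the redundant-rule cleanup mentioned under "Why use an ACL?", can be seen together in a small evaluator. This is an added example, not code from the original page or any vendor tool; it assumes first-match evaluation in sequence order with an implicit deny at the end, and the names `Entry`, `evaluate` and `shadowed` and the sample addresses are hypothetical.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass
class Entry:
    seq: int                     # sequence number: identifies the entry, orders evaluation
    action: str                  # statement: "permit" or "deny"
    protocol: str                # "ip" matches any protocol; else "tcp", "udp", "icmp"
    src: str                     # source network (CIDR)
    dst: str = "0.0.0.0/0"       # destination network (CIDR); default matches any
    port: Optional[int] = None   # destination port; None matches any
    log: bool = False            # log packets that hit this entry
    remark: str = ""             # free-text description

def matches(e, proto, src, dst, port):
    return (e.protocol in ("ip", proto)
            and ip_address(src) in ip_network(e.src)
            and ip_address(dst) in ip_network(e.dst)
            and e.port in (None, port))

def evaluate(acl, proto, src, dst, port=None):
    """First match in sequence order wins; no match is an implicit deny."""
    for e in sorted(acl, key=lambda e: e.seq):
        if matches(e, proto, src, dst, port):
            return e.action, e.seq
    return "deny", None

def covers(a, b):
    """True if every packet that matches b also matches a."""
    return (a.protocol in ("ip", b.protocol)
            and ip_network(b.src).subnet_of(ip_network(a.src))
            and ip_network(b.dst).subnet_of(ip_network(a.dst))
            and a.port in (None, b.port))

def shadowed(acl):
    """Sequence numbers of entries fully covered by one earlier entry (never hit)."""
    ordered = sorted(acl, key=lambda e: e.seq)
    return [b.seq for i, b in enumerate(ordered)
            if any(covers(a, b) for a in ordered[:i])]

# Constructed sample ACL using documentation address ranges.
ACL = [
    Entry(10, "permit", "tcp", "192.0.2.0/24", "198.51.100.10/32", 443, remark="staff to portal"),
    Entry(20, "deny", "ip", "192.0.2.0/24", log=True, remark="block rest of staff subnet"),
    Entry(30, "permit", "udp", "192.0.2.64/26", "198.51.100.53/32", 53, remark="DNS"),
    Entry(40, "permit", "ip", "203.0.113.0/24", remark="source-only match"),
]
```

Entry 30 is reported as shadowed because entry 20 already denies everything from its source range, so the DNS permit can never take effect. The check is pairwise only: an entry covered by the union of several earlier entries is not detected.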

  • What are the types of ACLs?

    There are five different types of access control lists.

    1. Standard ACL: Standard lists are the most common type of access lists used for simple deployments. They allow you to filter only the source address of the data packet. Moreover, they are less processor intensive.
    2. Extended ACL: Although extended lists are complex to configure and resource-intensive, they provide a granular level of control. Using these lists, you can be more precise while filtering data packets. You can also evaluate the packets based on different factors such as source and destination IP addresses, source and destination ports, type of protocol (ICMP, TCP, IP, UDP), and more.
    3. Dynamic ACL: Dynamic ACLs are often known as Lock and Key, and they can be used for specific attributes and timeframes. They rely on extended ACLs, authentication, and Telnet for their functionality.
    4. Reflexive ACL: Reflexive ACLs are also known as IP session ACLs. They filter IP traffic based on upper-layer session information. These ACLs can only be used to permit IP traffic generated within your network and deny the IP traffic generated from an external or unknown network. 
    5. Time-based ACL: Time-based ACLs are similar to extended ACLs. However, they are implemented by defining specific times of the day and week.

  • What are the types of access controls?

    Mandatory access control: This strict model is designed specifically for government offices and agencies. It is secure and based on a hierarchy. Users are assigned a security and clearance level to access resources, while objects are assigned a security label. Users can only access the resources permitted by their security level or the resources that fall under their hierarchy level.

    Discretionary access control: Discretionary access control can be used in social networking, as there’s a frequent need to change the visibility of the content. This model offers flexibility and allows you to decide who can access your data. It also allows you to customize access policies according to each user.

    Role-based access control: Role-based access control allows you to assign specific roles to employees according to their function within an organization. These roles are aligned with access permission rights. This type of control can be used when you need to share data with a particular department.

    Attribute-based access control: Attribute-based control allows you to define a set of attributes, including resources, users, and objects. Using this model, access is granted to the user based on its role and attributes.

    Rule-based access control: This type of control grants or denies access based on a predefined set of rules.


What is ACL policy?

An access control list policy, or ACL policy, is the set of rules (permissions) that specifies the conditions necessary to perform certain operations on a resource. ACL policy definitions are important components of the security policy established for the secure domain.

What do you mean by access control list?

An access control list (ACL) contains rules that grant or deny access to certain digital environments. There are two types of ACLs: Filesystem ACLs filter access to files and/or directories. Filesystem ACLs tell operating systems which users can access the system, and what privileges the users are allowed.

What is access control in security?

Access control is a fundamental component of data security that dictates who's allowed to access and use company information and resources. Through authentication and authorization, access control policies make sure users are who they say they are and that they have appropriate access to company data.

Where is an access control list located?

Normally ACLs reside in a firewall router or in a router connecting two internal networks. When you configure ACLs, you can selectively admit or reject inbound traffic, thereby controlling access to your network or to specific resources on your network.