Chapter 2: Introducing IP Access Lists (IP ACLs)
Exam Objectives
Describing the purpose and different types of access lists
Understanding traffic filtering using security appliances
Investigating the Cisco SDM
ACL inbound and outbound configurations
Managing ACLs
Monitoring and verifying ACLs in a network environment
Troubleshooting ACL issues
Managing and troubleshooting enterprise networks can be a real challenge. Besides delivering data, a router gives network administrators additional benefits, such as isolating broadcast messages and subnet traffic. You can break a single organization’s network into logical segments, which helps in isolating problems and confining misbehaving hosts. Integrating security mitigation methods into this topology planning and design should be a major concern for every organization.
Routers should not only transfer and segment data traffic but also provide some reliable measure of protection against all forms of attack. The router is the first line of defense against network intruders, and, properly configured, it can provide a strong method of security mitigation. A router needs a way to distinguish traffic that is wanted, and so allowed to pass through the router’s interface, from traffic that is undesirable, and so rejected by the router. Network administrators can achieve basic traffic management control and high network availability by defining a list of networks that are allowed or denied access to the organization’s private ...