One of the primary purposes of having ACLs is to stop unauthorized access to a network. ACLs can be used in two primary ways to control access:
They can be configured to stop unauthorized access to the router on which the lists are configured.
They can be configured to stop unauthorized access to devices sitting upstream or downstream from the box.
Chapter 3, “Device Security,” discussed how you can use ACLs to block access to routers. This section discusses how ACLs can be used to stop unauthorized access to devices sitting upstream or downstream from a router.
ACLs can also be used as mechanisms for collecting log information on the traffic that matches the various ACEs. This is generally done using the ...