Rules
- The list is read from top to bottom, and evaluation stops at the first match.
- There is an invisible implicit deny at the bottom.
- An ACL is applied to an interface, either inbound or outbound.
Cisco routers support two types of ACLs:
• Standard ACLs – filter at Layer 3 using the source IPv4 address only.
• Extended ACLs – filter at Layer 3 using the source and/or destination IPv4 address. They can also filter at Layer 4 using TCP and UDP ports, plus optional protocol type information for finer control.
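The first-match and implicit-deny rules above, applied to extended-style entries, shown as an added example that is not from the original page: a small Python model, not Cisco IOS code. The `Entry` class, the function names, the CIDR notation (IOS itself uses wildcard masks) and the sample addresses are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Entry:                       # hypothetical model of one extended ACL line
    action: str                    # "permit" or "deny"
    proto: str                     # "ip" (any protocol), "tcp" or "udp"
    src: str                       # source network, CIDR (IOS uses wildcard masks)
    dst: str                       # destination network, CIDR
    dport: Optional[int] = None    # None matches any destination port

    def matches(self, proto, src, dst, dport):
        return (self.proto in ("ip", proto)
                and ipaddress.ip_address(src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(dst) in ipaddress.ip_network(self.dst)
                and (self.dport is None or self.dport == dport))

    def covers(self, other):
        """True if every packet `other` matches is also matched by this entry."""
        return (self.proto in ("ip", other.proto)
                and ipaddress.ip_network(other.src).subnet_of(ipaddress.ip_network(self.src))
                and ipaddress.ip_network(other.dst).subnet_of(ipaddress.ip_network(self.dst))
                and (self.dport is None or self.dport == other.dport))

def evaluate(acl, proto, src, dst, dport=None):
    """Read top to bottom, stop at first match; index None means implicit deny."""
    for i, entry in enumerate(acl):
        if entry.matches(proto, src, dst, dport):
            return entry.action, i
    return "deny", None

def shadowed(acl):
    """Indices of entries that can never match: an earlier entry covers them."""
    return [j for j, later in enumerate(acl)
            if any(earlier.covers(later) for earlier in acl[:j])]

# Constructed sample: block Telnet to one server, allow the rest of the LAN's traffic.
DENY_TELNET = Entry("deny", "tcp", "192.168.1.0/24", "10.0.0.5/32", 23)
PERMIT_LAN = Entry("permit", "ip", "192.168.1.0/24", "0.0.0.0/0")
BAD_ORDER = [PERMIT_LAN, DENY_TELNET]    # broad permit first: the deny is dead
GOOD_ORDER = [DENY_TELNET, PERMIT_LAN]   # specific entry first

if __name__ == "__main__":
    telnet = ("tcp", "192.168.1.10", "10.0.0.5", 23)
    print(evaluate(BAD_ORDER, *telnet), shadowed(BAD_ORDER))
    print(evaluate(GOOD_ORDER, *telnet), shadowed(GOOD_ORDER))
    print(evaluate(GOOD_ORDER, "tcp", "172.16.0.9", "10.0.0.5", 443))
```

Running `shadowed()` over a list before applying it flags entries that an earlier, broader line has made unreachable, which is the usual way an intended deny silently stops working.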
Several tasks performed by routers or firewalls require the use of ACLs to identify the nature of traffic or to control it (inbound or outbound):
• Limit network traffic to increase network performance
• Provide traffic flow control
• Provide a basic level of security for network access
• Filter traffic based on traffic type
• Screen hosts to permit or deny access to network services
• Provide priority to certain classes of network traffic