Summary

This chapter showed you the basics of ACLs. Cisco uses ACLs to implement or enhance many features, including filtering of traffic, restricting access to the router, triggering DDR phone calls, classifying traffic for quality of service (QoS), and many others. ACLs can be difficult to configure and maintain. Therefore, understanding how the Cisco IOS processes ACLs is important when implementing your filters (based on your security policies). Cisco supports many different ACLs for various protocols; however, this book focuses only on the IP variety of ACLs, such as standard, extended, reflexive, lock-and-key, CBAC, and turbo ACLs.

The wildcard mask is one of the most commonly misconfigured parts of an ACL. A wildcard mask matches a range of addresses in an ACL condition. Understanding how wildcard masks work is paramount in ensuring that you do not open yourself to security threats.
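The following added example (not from the book) shows in Python how a wildcard mask is evaluated, and what happens when a subnet mask is typed where a wildcard mask belongs. The function names and all addresses are constructed for illustration.

```python
import ipaddress

def _to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))

def wildcard_match(address, base, wildcard):
    """True if address matches the ACL condition 'base wildcard'.
    A 0 bit in the wildcard means 'must match'; a 1 bit means 'ignore'."""
    care = ~_to_int(wildcard) & 0xFFFFFFFF
    return (_to_int(address) & care) == (_to_int(base) & care)

def matched_count(wildcard):
    """Number of addresses one condition matches: 2 ** (count of 1 bits)."""
    return 1 << bin(_to_int(wildcard)).count("1")

def looks_like_subnet_mask(wildcard):
    """Flag a mask whose 1 bits run contiguously from the left (such as
    255.255.255.0), the usual sign of a subnet mask entered by mistake."""
    m = _to_int(wildcard)
    inverted = ~m & 0xFFFFFFFF
    # inverted is 0...01...1 exactly when m is 1...10...0
    return m not in (0, 0xFFFFFFFF) and (inverted & (inverted + 1)) == 0

if __name__ == "__main__":
    base = "192.168.1.0"                      # constructed sample network
    probes = ["192.168.1.77", "192.168.2.77", "10.20.30.0"]  # constructed
    for mask in ("0.0.0.255", "255.255.255.0"):
        print(f"condition: {base} {mask}")
        print(f"  addresses matched: {matched_count(mask)}")
        print(f"  looks like a subnet mask: {looks_like_subnet_mask(mask)}")
        for p in probes:
            print(f"  {p:<14} match={wildcard_match(p, base, mask)}")
```

With the intended mask 0.0.0.255 the condition covers only the 256 addresses of 192.168.1.0/24. With 255.255.255.0 it covers every address whose last octet is 0, on any network, and misses the hosts it was meant to match.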

Next up is Chapter 7, which shows you how to use standard, extended, named, timed, and turbo ACLs.