Build them carefully and maintain them rigorously, and ACLs will remain a productive piece of your security infrastructure for generations of hardware to come.
January 30, 2019
In an industry of constant, rapid change, an old-school security tool remains an effective piece of an overall security. Access Control Lists (ACLs) that specify precise rules for destinations and protocols allowed or forbidden, are the foundation of firewalls. And while firewalls have advanced to use analysis of packet contents and behavior, ACLs have not gone away.
There are a number of reasons why ACLs endure. The first, and most important, is that they work. ACLs are straight-forward, conceptually simple ways to limit traffic to and from known (or suspected) malicious addresses and to clear traffic to and from addresses known to be acceptable. Next, they play well with others. As Twitter user Frank Barton (@fbarton) wrote in response to a question about ACLs, "…much less cpu intensive than stateful and deep-packet. But…like Ogres, and onions…use layers. If you can block traffic at ACL, then pass remaining to “NGFW” [next-generation firewall] the fw [firewall] has less traffic to inspect."
As with all security measures, though, how an ACL is deployed will have a major impact on its effectiveness. Of course, precisely how the ACL is programmed will vary from manufacturer to manufacturer, and component to component, but there are key considerations that are true regardless of which device is hosting the ACL. Let's take a look at the principles to keep in mind to make ACLs an effective (and efficient) part of the overall security infrastructure.
(Image: photon_photo — stock.adobe.com)
About the Author(s)
You May Also Like
The fuel in the new AI race: Data
April 23, 2024Securing Code in the Age of AI
April 24, 2024Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024