Network access control lists

Network access control lists definition

In cyber security, network access control lists or “NACLs” are policies or rules that manage traffic at the network level, much as traffic lights manage vehicles on the streets. They filter traffic based on specific criteria, such as destination IP addresses, port numbers, and protocols. Organizations use NACLs as a component of network security, defining traffic policies that protect networks from threats, potential attacks, and unauthorized access. If appropriately configured, NACLs can enhance the safety of the overall network infrastructure.

See also: access control entry

Common network access control lists (NACLs) use cases in cybersecurity:

  • Firewall rules: NACLs are set up in firewalls to permit or block traffic between different network segments or between an internal network and the internet. Correctly set up rules can block malicious traffic, control access to desirable services, and enforce security policies.
  • Segmentation: NACLs are well suited to network segmentation, where the network is split into different parts as a security measure. They can create security zones inside the network and allow only authorized traffic to pass between those segments.
  • Protection against DDoS attacks: In case of a massive overload, NACLs can slow down or stop some of the incoming traffic, for example, traffic from specific IP addresses and subnets. This helps to mitigate DDoS attacks by blocking portions of traffic from attackers.
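
The filtering, segmentation and subnet-blocking uses listed above can be seen in a minimal packet evaluator, added here as an example that is not part of the original page. It assumes rules are checked in ascending number order, with the first match deciding and an implicit deny at the end, as common NACL implementations do; the rule set, zone subnets and addresses are constructed.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    number: int                    # lower numbers are evaluated first (assumption)
    action: str                    # "allow" or "deny"
    protocol: str                  # "tcp", "udp", "icmp" or "any"
    src: str                       # source CIDR
    dst: str                       # destination CIDR
    ports: Optional[range] = None  # destination ports; None means any port


def evaluate(rules, protocol, src_ip, dst_ip, dst_port=None):
    """Return (action, rule_number) for one packet; the first matching rule wins."""
    src, dst = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    for rule in sorted(rules, key=lambda r: r.number):
        if rule.protocol not in ("any", protocol):
            continue
        if src not in ipaddress.ip_network(rule.src):
            continue
        if dst not in ipaddress.ip_network(rule.dst):
            continue
        if rule.ports is not None and dst_port not in rule.ports:
            continue
        return rule.action, rule.number
    return "deny", None            # nothing matched: implicit default deny


# Constructed rule set. Hypothetical zones: 10.0.1.0/24 = web, 10.0.2.0/24 = database.
RULES = [
    # Drop everything from one abusive subnet before any allow rule is reached.
    Rule(100, "deny", "any", "203.0.113.0/24", "0.0.0.0/0"),
    # Internet to the web segment: HTTPS only.
    Rule(200, "allow", "tcp", "0.0.0.0/0", "10.0.1.0/24", range(443, 444)),
    # Segmentation: only the web segment may reach the database port.
    Rule(300, "allow", "tcp", "10.0.1.0/24", "10.0.2.0/24", range(5432, 5433)),
]

if __name__ == "__main__":
    packets = [  # constructed sample traffic
        ("tcp", "203.0.113.7", "10.0.1.10", 443),
        ("tcp", "198.51.100.5", "10.0.1.10", 443),
        ("tcp", "198.51.100.5", "10.0.2.20", 5432),
        ("tcp", "10.0.1.10", "10.0.2.20", 5432),
    ]
    for pkt in packets:
        print(pkt, "->", evaluate(RULES, *pkt))
```

Because the deny for the blocked subnet carries the lowest number, it is evaluated before the broader HTTPS allow; reversing the two numbers would let that subnet reach the web segment.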