
Network Security Controls Overview

Jun 16, 2025

Overview

This lecture explains how networks use access control lists (ACLs), firewall rules, URL/content filtering, and security zones to control and secure network traffic.

Access Control Lists (ACLs)

  • An ACL is an ordered list of rules stating which traffic is allowed or denied.
  • ACL criteria can include source and destination IP addresses, port numbers, time of day, or application.
  • Groups of addresses or other criteria can be allowed or denied together in a single entry.
  • ACLs are used in routers, firewalls, operating systems, and any other device that mediates access.

Firewall Rules and Policies

  • Firewall policies are more detailed ACLs; each rule carries fields such as rule name, source/destination zone, addresses, ports, and user.
  • Firewalls process rules from top to bottom and stop at the first match.
  • Specific rules are placed at the top and general rules below, so a broad rule does not match first and shadow a narrower one beneath it.
  • If no rule matches, traffic is denied by default (implicit deny).
  • Example rules: allow SSH (TCP/22), web traffic (TCP/80, TCP/443), RDP (TCP/3389), DNS (UDP/53), NTP (UDP/123); deny ICMP (ping).

URL and Content Filtering

  • URL filtering allows or blocks sites based on URLs or categories (e.g., auction, travel).
  • Categories make it easier to manage access than listing individual URLs.
  • URL filtering is often built into next-generation firewalls and used alongside firewall rules.
  • Content filtering blocks or permits data based on its type or content (e.g., stopping sensitive internal documents from leaving, or malware from coming in).
  • Antivirus and antimalware tools use content filtering to block malicious data.
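The category lookup described above, as an added Python example that is not code from the lecture. The category table, policy, exception list and every URL below are constructed for illustration; the point it shows is that the filter must match on the real destination host and on domain labels, not on substrings of the URL.

```python
"""Added example, not code from the lecture: a category-based URL filter.
The category table, policy, exception list and sample URLs are constructed."""
from urllib.parse import urlsplit

# Constructed category database keyed by domain; subdomains inherit the category.
CATEGORIES = {
    "example-auctions.test": "auction",
    "example-travel.test": "travel",
    "example-news.test": "news",
}
# Policy is written per category, not per site.
POLICY = {"auction": "block", "travel": "block", "news": "allow"}
DEFAULT_ACTION = "allow"  # what uncategorised sites get; "block" for a stricter posture
# Per-host exceptions override the category verdict (e.g. the approved travel booking site).
EXCEPTIONS = {"booking.example-travel.test": "allow"}


def host_of(url: str) -> str:
    """Extract the host the request actually goes to, normalised for lookup."""
    if "://" not in url:
        url = "http://" + url
    host = urlsplit(url).hostname or ""  # drops userinfo, port and path
    return host.rstrip(".").lower()


def category_of(host: str) -> str:
    """Walk from the full host up through its parent domains, so
    shop.example-auctions.test inherits example-auctions.test, while
    notexample-auctions.test (a substring, not a subdomain) does not."""
    labels = host.split(".")
    for i in range(len(labels)):
        cat = CATEGORIES.get(".".join(labels[i:]))
        if cat:
            return cat
    return "uncategorized"


def filter_url(url: str) -> tuple:
    """Return (action, reason) for a URL: exceptions first, then category policy."""
    host = host_of(url)
    if host in EXCEPTIONS:
        return EXCEPTIONS[host], "exception:" + host
    cat = category_of(host)
    return POLICY.get(cat, DEFAULT_ACTION), "category:" + cat
```

A URL such as `http://example-news.test@example-auctions.test/` is the classic trap: a naive check that looks for a known-good name anywhere in the string allows it, while `urlsplit().hostname` correctly treats the part before `@` as userinfo and filters on the auction site.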

Screened Subnets and Security Zones

  • A screened subnet (DMZ) sits between the internet and the internal network and holds public-facing services, so a compromised public server has no direct path to internal resources.
  • Zones simplify rules by grouping network areas (e.g., trusted, untrusted, inside, server).
  • Firewall rules can then be written in terms of zones (e.g., inside to untrusted: allow) rather than listing every IP address; ports and protocols can still be added where a narrower rule is needed.
  • Adding more zones provides finer control over access and traffic flow.
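The behaviour described in the firewall-rule section (top-to-bottom processing, first match wins, implicit deny, specific rules above general ones) together with zone-based matching from this section, as one added Python example. It is not code from the lecture: the zone names, CIDR ranges, rule table, admin subnet and sample packets are all constructed. Beyond what the notes state, it also includes a `shadowed_rules` check that reports rules an earlier, broader rule makes unreachable, which is the practical way to catch the ordering mistake the notes warn about.

```python
"""Added example, not code from the lecture: first-match rule evaluation with
security zones, implicit deny, and a shadowed-rule check. All zones, CIDR
ranges, rules and packets below are constructed for illustration."""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Zone table: an address belongs to the first CIDR range that contains it;
# anything not listed is treated as the untrusted (internet) zone.
ZONES = {
    "inside": [ipaddress.ip_network("10.0.0.0/8")],
    "server": [ipaddress.ip_network("192.0.2.0/24")],  # screened subnet (DMZ)
}

def zone_of(addr: str) -> str:
    ip = ipaddress.ip_address(addr)
    for name, nets in ZONES.items():
        if any(ip in net for net in nets):
            return name
    return "untrusted"

@dataclass(frozen=True)
class Rule:
    name: str
    action: str                                      # "allow" or "deny"
    src_zone: Optional[str] = None                   # None means "any"
    dst_zone: Optional[str] = None
    protocol: Optional[str] = None                   # "tcp", "udp" or "icmp"
    dst_ports: Tuple[int, ...] = ()                  # empty means "any port"
    src_net: Optional[ipaddress.IPv4Network] = None  # narrower than a zone

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    protocol: str
    dst_port: Optional[int] = None

def matches(rule: Rule, pkt: Packet) -> bool:
    """A rule matches when every criterion it sets agrees with the packet."""
    if rule.src_zone and zone_of(pkt.src) != rule.src_zone:
        return False
    if rule.dst_zone and zone_of(pkt.dst) != rule.dst_zone:
        return False
    if rule.protocol and rule.protocol != pkt.protocol:
        return False
    if rule.dst_ports and pkt.dst_port not in rule.dst_ports:
        return False
    if rule.src_net and ipaddress.ip_address(pkt.src) not in rule.src_net:
        return False
    return True

def evaluate(rules: List[Rule], pkt: Packet) -> Tuple[str, str]:
    """Top to bottom, first match wins; no match at all is the implicit deny."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action, rule.name
    return "deny", "implicit-deny"

def covers(broad: Rule, narrow: Rule) -> bool:
    """True if every packet `narrow` would match is already matched by `broad`."""
    for b, n in ((broad.src_zone, narrow.src_zone), (broad.dst_zone, narrow.dst_zone),
                 (broad.protocol, narrow.protocol)):
        if b is not None and b != n:
            return False
    if broad.dst_ports and (not narrow.dst_ports
                            or not set(narrow.dst_ports) <= set(broad.dst_ports)):
        return False
    if broad.src_net is not None and (narrow.src_net is None
                                      or not narrow.src_net.subnet_of(broad.src_net)):
        return False
    return True

def shadowed_rules(rules: List[Rule]) -> List[str]:
    """Names of rules that can never fire because an earlier rule covers them."""
    return [later.name for i, later in enumerate(rules)
            if any(covers(earlier, later) for earlier in rules[:i])]

ADMIN_NET = ipaddress.ip_network("10.0.1.0/24")  # constructed admin subnet

# Specific rules first, general zone-to-zone rule last (the notes' example services).
RULES = [
    Rule("deny-rdp-from-internet", "deny", "untrusted", "server", "tcp", (3389,)),
    Rule("allow-web", "allow", None, "server", "tcp", (80, 443)),
    Rule("allow-ssh-admin", "allow", "inside", "server", "tcp", (22,), ADMIN_NET),
    Rule("allow-dns", "allow", "inside", "server", "udp", (53,)),
    Rule("allow-ntp", "allow", "inside", "untrusted", "udp", (123,)),
    Rule("deny-icmp", "deny", None, None, "icmp"),
    Rule("allow-inside-to-internet", "allow", "inside", "untrusted"),
]

# The same table with a broad allow pasted at the top: the RDP deny below it
# can never match, and shadowed_rules() reports exactly that.
BAD_ORDER = [Rule("allow-internet-to-server", "allow", "untrusted", "server")] + RULES
```

With `RULES`, an RDP attempt from 203.0.113.5 to the DMZ host hits `deny-rdp-from-internet`, SSH from 10.0.5.7 (inside, but not the admin subnet) falls through every rule to the implicit deny, and `shadowed_rules(RULES)` is empty. With `BAD_ORDER` the same RDP packet is allowed by the broad rule and `shadowed_rules` flags `deny-rdp-from-internet`, which is the ordering error the notes describe.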

Key Terms & Definitions

  • ACL (Access Control List) — A list of traffic rules specifying allowed and denied traffic types.
  • Implicit Deny — Default firewall behavior to deny traffic not explicitly allowed.
  • Screened Subnet (DMZ) — A separate network area for public services to keep them isolated from internal resources.
  • Security Zone — Logical grouping of network resources for simplified access control.

Action Items / Next Steps

  • Review example firewall rule tables and practice writing your own.
  • Read about configuring security zones and DMZs on your platform.