I’ve been talking a lot about switches and how they need to be locked down in a network to mitigate vulnerabilities. Switches are such an important piece of the network, providing the connections between the different endpoints and clients. Previously, I talked a little about creating VLANs to carve the network into sub-networks, which helps with network performance (each VLAN is its own broadcast domain, so the amount of broadcast traffic each host sees goes down) and also helps with security (a host on one VLAN can’t see Layer 2 traffic on another VLAN, and can only reach it through a router or Layer 3 switch, which is exactly where you can filter it). It’s also important to lock down a switch using port security (where a physical port is restricted to a single MAC address, or to one of a specified number of MAC addresses) and by administratively shutting down unused ports so they can’t be used at all.
In a similar way, the router is an uber-important part of the network, given that it has one interface facing the private network and one public-facing interface and acts as the gateway between them. This is where it’s important to put defensive measures in place, and one of the most important tools is the Access Control List (ACL). Here I got some hands-on experience doing so:
First, using the terminal, entering privileged EXEC mode and then global configuration mode (configure terminal), so the running configuration can be changed:

Then, I created a standard Access List (as opposed to an Extended one, which can also match on destination address, protocol and port), with a few rules that deny traffic from certain hosts. A standard ACL matches only on the source address, so each rule names the host (or, with a wildcard mask, the range of hosts) whose packets get dropped:

But then also adding a rule that permits traffic from all other hosts, and then applying the list to an interface. That final permit matters: every ACL ends with an implicit deny any, so without it the list would drop all traffic instead of just the hosts I listed. The list also does nothing until it is applied to an interface in a direction (inbound or outbound):

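As an added example (this is not the configuration from the original post, whose screenshots are not reproduced here), the full sequence on a Cisco IOS router, from entering configuration mode to verifying the list is attached. The hostname, the interface name and the RFC 5737 documentation addresses are assumptions; the remark, the log keyword on the deny entries and the show commands are the additions a practitioner would normally include.

```cisco
! Assumed hostname "R1"; GigabitEthernet0/0 is the interface facing the
! untrusted side. 192.0.2.50 and 198.51.100.0/24 are RFC 5737 documentation
! addresses standing in for the hosts to block.
R1> enable
R1# configure terminal

! Standard ACLs use numbers 1-99 (or 1300-1999) and match on source address only.
! Entries are evaluated top to bottom; the first match wins.
R1(config)# access-list 10 remark Drop known-bad sources before they reach the LAN
R1(config)# access-list 10 deny host 192.0.2.50 log
R1(config)# access-list 10 deny 198.51.100.0 0.0.0.255 log
! Without this line the implicit "deny any" at the end would drop everything.
R1(config)# access-list 10 permit any

! The list does nothing until it is bound to an interface in a direction.
! "in" filters packets arriving on Gi0/0 from the untrusted side.
R1(config)# interface GigabitEthernet0/0
R1(config-if)# ip access-group 10 in
R1(config-if)# end

! Verify the entries (and, after traffic flows, the per-entry match counters)
! and confirm the list is actually applied to the interface.
R1# show access-lists 10
R1# show ip interface GigabitEthernet0/0 | include access list

! Persist the change so it survives a reload.
R1# copy running-config startup-config
```

The log keyword sends a syslog message for each denied packet (rate-limited by IOS), which is how you notice a blocked host that keeps knocking. Because a standard ACL can only look at the source address, it is normally placed as close to the destination as possible; a list placed near the source would block that host from reaching everything, not just the network you meant to protect.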