An access control list (ACL) is a table that
tells a computer operating system which access rights each user has to a
particular system object, such as a file directory or individual file.
There are two basic types of ACLs for Cisco routers: standard and
extended.
A standard ACL filters IP packets based on the source
address only, while an extended ACL filters IP packets based on several
attributes such as the protocol type, source and destination IP addresses,
source and destination TCP/UDP ports, or ICMP and IGMP message types.
Cisco router syntax for standard ACLs:
access-list access-list-number {deny | permit} source [source-wildcard]
Cisco router syntax for extended ACLs:
access-list access-list-number {deny | permit} {protocol-number |
protocol-keyword} {source source-wildcard | any | host} {source-port}
{destination destination-wildcard | any | host} {destination-port} [established]
[log | log-input]
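To make the difference between the two types concrete, here is an added example (not part of the original post) that parses ACL lines written in the syntax above and evaluates constructed sample packets against them. It assumes the classic numbered ranges (1-99 standard, 100-199 extended), handles only an "eq" destination port, and models the implicit deny that ends every ACL; the addresses are documentation ranges chosen for illustration.

```python
import ipaddress

def wild_match(addr, base, wildcard):
    # Cisco wildcard mask: a 1 bit means "ignore this bit" (inverse of a netmask).
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    return (a | w) == (b | w)

def parse_addr(tok, i):
    # Reads "any", "host A" or "A wildcard"; returns ((base, wildcard), next index).
    if tok[i] == "any":
        return ("0.0.0.0", "255.255.255.255"), i + 1
    if tok[i] == "host":
        return (tok[i + 1], "0.0.0.0"), i + 2
    return (tok[i], tok[i + 1]), i + 2

def parse(line):
    tok = line.split()
    extended = 100 <= int(tok[1]) <= 199   # assumption: 1-99 standard, 100-199 extended
    rule = {"action": tok[2], "dport": None,
            "dst": ("0.0.0.0", "255.255.255.255")}  # standard ACLs never test destination
    rule["proto"], i = (tok[3], 4) if extended else ("ip", 3)
    if not extended and len(tok) == 4 and tok[3] != "any":
        tok.append("0.0.0.0")              # optional [source-wildcard] omitted
    rule["src"], i = parse_addr(tok, i)
    if extended:
        rule["dst"], i = parse_addr(tok, i)
        if tok[i:i + 1] == ["eq"]:         # only "eq <port>" on the destination is handled
            rule["dport"] = int(tok[i + 1])
    return rule

def evaluate(acl_lines, pkt):
    # First matching entry wins; a packet matching nothing hits the implicit deny.
    for r in map(parse, acl_lines):
        if (r["proto"] in ("ip", pkt["proto"])
                and wild_match(pkt["src"], *r["src"])
                and wild_match(pkt["dst"], *r["dst"])
                and r["dport"] in (None, pkt.get("dport"))):
            return r["action"]
    return "deny"

# Constructed sample ACLs and packets (documentation address ranges).
STANDARD = ["access-list 10 permit 192.0.2.0 0.0.0.255"]
EXTENDED = ["access-list 110 permit tcp 192.0.2.0 0.0.0.255 host 198.51.100.10 eq 443"]
HTTPS = {"proto": "tcp", "src": "192.0.2.25", "dst": "198.51.100.10", "dport": 443}
TELNET = dict(HTTPS, dport=23)

if __name__ == "__main__":
    for name, acl in (("standard", STANDARD), ("extended", EXTENDED)):
        print(name, evaluate(acl, HTTPS), evaluate(acl, TELNET))
```

The standard ACL permits both packets because it only looks at the source address, while the extended ACL permits the HTTPS packet and drops the Telnet one from the same host.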
Access control lists can generally be configured to control both inbound
and outbound traffic, and in this context they are similar to firewalls.
Like firewalls, ACLs are subject to security regulations and standards
such as PCI DSS.