45 Explain the method of network access security
ACL
They are used for proud filtering ACL decides which network resources would be allocated to the user. ACL is a sequential list of instruction that tells the router which packets to be discarded or allowed. ACL's are read sequentially. As soon as the packet matches an ACL's statement it would be permitted or denied based on the statements written in the ACL. There are three kinds of ACL models
1) Mandatory
2) Discretionary
3) role based
Mandatory Model: In this model every resource is assigned a label which defines what its security level is. If the user accessing the network does not have the required security level he/she will be denied access. It is the oldest security model.
Discretionary Model: in this model the user that owns the resource mainly decides which resource he would grant access to the user. It is basically based on resource owner's discretion that which resource he would grant access to.
Role based access control: this is the most popular model used in file sharing. RBAC provides access to the user based on his role in the network. Users with similar access levels are placed in same groups. Suppose there is a group called students which would only be provided access to the files folder in the University network.
IP filtering: in case of ACL using IP as a filter, the packets that are denied or permit are the IP packets. This kind of ACL works on network layer 3.
Mac filtering: in case of a LAN if we want to deny or permit systems we need to implement Mac-based ACL's. Mac filtering permits or denies access to the network based on Mac address of the system. In order to implement Mac filtering we require Mac addresses of the host.