Register now or log in to join your professional community.
Please give me some recommendation to get a job.
Extended ACL, it allowed specify src/dst ip@ and src/dst tcp/udp port
extended ACLs are more effective than standard ACLs, as extended ACL rules provide more options for filtering a packet , as with standard a packet can only be filtered based on source ip address
A standard IP ACL is simple; it filters based on source address only. You can filter a source network or a source host, but you cannot filter based on the destination of a packet, the particular protocol being used such as the Transmission Control Protocol (TCP) or the User Datagram Protocol (UDP), or on the port number. You can permit or deny only source traffic.
An extended ACL gives you much more power than just a standard ACL. Extended IP ACLs check both the source and destination packet addresses. They can also check for specific protocols, port numbers, and other parameters, which allow administrators more flexibility and control.