Académique Documents
Professionnel Documents
Culture Documents
Submitted by:
Submitted to:
CjTim Corporation is a startup company in which they have built a network for their company. Having
a small network consisting of four (4) departments in two (2) clusters naming Management, Sales,
Engineering, and Guest. Each of the said department has its access or restriction in accessing or contacting
each department in the network.
I.1 Management
• configured to have access to all or permitting the connection to all
I.2 Sales
• configured in Extended ACL
• this department should not be able to have access to the Web Services.
• permits other traffics
I.3 Engineering
• configured in ACL Standard
• this department should not be able to access Guest PCs.
• can receive email but cannot send
• permits other traffic.
I.4 Guest
• configured in both ACL Standard and Extended ACL
• this department is configured to ONLY receive an email, but sending an email to other
departments such as SALES and ENGINEERING is denied.
• Cannot access FTP.
• this department also cannot ping the SALES and ENGINEERING department.
• permits other traffic
II. Objectives
- to design a simple network
- to apply ACL Standard and Extended ACL
III. Topology
V. Resources
Guest receives email but cannot send, can ONLY communicate to Management Department
Figure 7.4 shows the overall access-list configuration for the Guest department such as not
sending email, not having access to other department only for Management and not accessing the FTP.
VIII. Conclusion
Working with access control list, we have concluded that it can be used on network devices such as router
to act as a filter for network traffic, packet storms, services and host access. The standard access list
provides basic packet filtering abilities, based on the source IP address of a packet only while extended
access lists allow filtering not only on source addresses, but also on destination addresses, protocols, and
even applications, based on their port number. All the complete statement needs to be matched in order to
permit or deny an ACL and if no ACL conditions match, the router rejects the packet because of an implicit
deny all clause. Taken as a whole, access control list provides control for permitting and denying packets
within the network.
IX. Reflection
CJ: In doing the case study I am able to understand how standard and extended ACLs work within
a network. I have also learned that implementing ACLs in a network helps you to be more secured.
Timothy: Doing the case study was a big help in understanding how ACL works within a certain
network. Having a good access management to each department of a network is much better than having
not.