Networking Intermediate

What is Network ACL?

A set of rules that control inbound and outbound traffic at the subnet level, acting as a stateless firewall in cloud and enterprise networks.

Network Access Control Lists filter traffic at the subnet boundary based on IP addresses, ports, and protocols. Unlike security groups (which are stateful — return traffic is automatically allowed), network ACLs are stateless — both inbound and outbound rules must explicitly allow traffic. Rules are evaluated in order by rule number, with the first match determining the action (allow or deny). In AWS, network ACLs protect VPC subnets and complement security groups for defense-in-depth. Enterprise switches use ACLs to segment network traffic between VLANs. Best practice follows deny-by-default, allowing only necessary traffic paths.

Learn More About This Topic

Linux Networking Fundamentals

Related reading

Network Fundamentals

Related reading

Network Security Basics

Related reading

Related Terms

DNS Propagation

The time it takes for DNS record changes to spread across all DNS servers worldwide, typically taking up to 48 hours.

A modern, lightweight VPN protocol that uses state-of-the-art cryptography and minimal code for fast, secure tunneling.

HTTPS Everywhere

The practice of securing all web traffic with TLS encryption, ensuring data integrity and privacy between browsers and servers.

Network Monitoring

The practice of continuously observing network infrastructure to detect failures, performance degradation, and security threats.

A network communication method that sends data to multiple recipients simultaneously without duplicating packets for each recipient.

VPN (Virtual Private Network)

A technology that creates an encrypted tunnel between your device and a remote server, securing internet traffic.

View All Networking Terms →