Networking Intermediate

What is Network ACL?

A set of rules that control inbound and outbound traffic at the subnet level, acting as a stateless firewall in cloud and enterprise networks.

Network Access Control Lists filter traffic at the subnet boundary based on IP addresses, ports, and protocols. Unlike security groups (which are stateful — return traffic is automatically allowed), network ACLs are stateless — both inbound and outbound rules must explicitly allow traffic. Rules are evaluated in order by rule number, with the first match determining the action (allow or deny). In AWS, network ACLs protect VPC subnets and complement security groups for defense-in-depth. Enterprise switches use ACLs to segment network traffic between VLANs. Best practice follows deny-by-default, allowing only necessary traffic paths.

Learn More About This Topic

Linux Networking Fundamentals

Related reading

Network Fundamentals

Related reading

Network Security Basics

Related reading

Related Terms

A network communication method that sends data to multiple recipients simultaneously without duplicating packets for each recipient.

A device or software that connects two or more network segments at the data link layer, forwarding traffic based on MAC addresses.

Network Topology

The physical or logical arrangement of nodes and connections in a computer network, such as star, mesh, ring, or bus configurations.

Network Monitoring

The practice of continuously observing network infrastructure to detect failures, performance degradation, and security threats.

Token Bucket Algorithm

A rate limiting algorithm that allows burst traffic by accumulating tokens at a fixed rate and consuming them per request.

SNMP (Simple Network Management Protocol)

A protocol for monitoring and managing network devices like routers, switches, servers, and printers remotely.

View All Networking Terms →