
What is Network ACL?

A set of rules that control inbound and outbound traffic at the subnet level, acting as a stateless firewall in cloud and enterprise networks.

Network Access Control Lists filter traffic at the subnet boundary based on IP addresses, ports, and protocols. Unlike security groups (which are stateful — return traffic is automatically allowed), network ACLs are stateless — both inbound and outbound rules must explicitly allow traffic. Rules are evaluated in order by rule number, with the first match determining the action (allow or deny). In AWS, network ACLs protect VPC subnets and complement security groups for defense-in-depth. Enterprise switches use ACLs to segment network traffic between VLANs. Best practice follows deny-by-default, allowing only necessary traffic paths.
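As an added example (not part of the original glossary entry), the following Python models the ordered, first-match, stateless evaluation described above: a lower-numbered deny shadows a later allow, and a reply on a client's ephemeral port is dropped unless an outbound rule allows it. All rule numbers, CIDRs and ports are constructed sample values.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed model of a network ACL (added example, not vendor code).

@dataclass(frozen=True)
class Rule:
    number: int      # rules are evaluated in ascending number order
    action: str      # "allow" or "deny"
    protocol: str    # "tcp", "udp" or "all"
    cidr: str        # source CIDR (inbound) or destination CIDR (outbound)
    port_from: int
    port_to: int

def evaluate(rules, protocol, addr, port):
    """Return the action of the first matching rule; no match is an implicit deny."""
    for rule in sorted(rules, key=lambda r: r.number):
        if rule.protocol not in ("all", protocol):
            continue
        if ip_address(addr) not in ip_network(rule.cidr):
            continue
        if not rule.port_from <= port <= rule.port_to:
            continue
        return rule.action          # first match wins, later rules are never consulted
    return "deny"

def connection_allowed(inbound, outbound, client_ip, client_port, server_port, protocol="tcp"):
    """Stateless check: the request AND the reply must each hit an allow rule."""
    request = evaluate(inbound, protocol, client_ip, server_port)
    reply = evaluate(outbound, protocol, client_ip, client_port)
    return request == "allow" and reply == "allow"

# Constructed sample ACL: HTTPS in from anywhere, everything else denied.
INBOUND = [
    Rule(100, "allow", "tcp", "0.0.0.0/0", 443, 443),
    Rule(200, "deny", "all", "0.0.0.0/0", 0, 65535),
]
# Common mistake: outbound only allows 443, so replies to the client's
# ephemeral source port (1024-65535) never match and are dropped.
OUTBOUND_BROKEN = [Rule(100, "allow", "tcp", "0.0.0.0/0", 443, 443)]
OUTBOUND_FIXED = OUTBOUND_BROKEN + [
    Rule(110, "allow", "tcp", "0.0.0.0/0", 1024, 65535),   # return traffic
]
# Ordering: a deny numbered below the allow blocks the range; numbered above, it is shadowed.
INBOUND_BLOCK_FIRST = [Rule(50, "deny", "tcp", "198.51.100.0/24", 443, 443)] + INBOUND
INBOUND_BLOCK_SHADOWED = INBOUND + [Rule(150, "deny", "tcp", "198.51.100.0/24", 443, 443)]
```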

Related Terms

NAT (Network Address Translation)
A method of mapping private IP addresses to public IP addresses, allowing multiple devices to share a single public IP.
MTU (Maximum Transmission Unit)
The maximum size of a data packet that can be transmitted over a network without fragmentation.
Bandwidth
The maximum rate of data transfer across a network connection, measured in bits per second.
Network Packet
A formatted unit of data carried over a network, containing headers with routing information and a payload with the actual data.
SSL/TLS Certificate
A digital certificate that authenticates a website identity and enables encrypted HTTPS connections.
QoS (Quality of Service)
A set of techniques for managing network traffic to prioritize certain types of data and ensure performance for critical applications.