A VLAN access control list (VACL) provides access control for all packets that are bridged within a VLAN or that are routed into or out of a VLAN. Unlike regular Cisco IOS access control lists that are configured on router interfaces and applied on routed packets only, VACLs apply to all packets. The technology was developed by Cisco on the Catalyst 6500 Series switch platform.[1]
VACLs may be used in similar fashion to a SPAN port or network tap, as a way to replicate computer network data that is coming into and leaving from a computer or a network. This is useful if you want to monitor traffic. Often, this configuration is used to facilitate data loss prevention (DLP) or network-based Intrusion prevention systems.[2]
VACL or VACL Ports can be much more discriminating of the traffic they forward compared to a standard SPAN port. They may be set to only forward specific types or specific VLANs to the monitoring port. However, they forward all traffic that matches the criteria, as they do not have the functionality to select from ingress or egress traffic like SPAN ports.[3]
^"Introduction". Cisco.com. Retrieved December 1, 2016.
^"Securing Networks with Private VLANs and VLAN Access Control Lists". Cisco.com. May 8, 2008. Retrieved December 1, 2016.
^"Using RSPAN with VACLs for Granular Traffic Analysis". Using RSPAN with VACLs for Granular Traffic Analysis. Retrieved December 1, 2016.
and 24 Related for: VLAN access control list information
A VLANaccesscontrollist (VACL) provides accesscontrol for all packets that are bridged within a VLAN or that are routed into or out of a VLAN. Unlike...
Virtual private network VLANaccesscontrollist Wide area network The strength of VLAN security can be compromised by VLAN hopping. VLAN hopping can be mitigated...
multiplexing for the logical link (i.e. EtherType, 802.1Q VLAN tag etc), while the MAC provides flow control and multiplexing for the transmission medium. These...
or outbound traffic (or both) on single or multiple interfaces. VLANaccesscontrollist (VACL) Cisco Systems - Catalyst Switched Port Analyzer (SPAN) Configuration...
Metropolitan Area Networks: Media AccessControl (MAC) Bridges. IEEE. "Understanding Issues Related to Inter-VLAN Bridging" (PDF). Cisco Systems, Inc...
used as the basis of 802.1Q VLAN tagging, encapsulating packets from VLANs for transmission multiplexed with other VLAN traffic over an Ethernet trunk...
provides both simple and full connectivity assigned to any given virtual LAN (VLAN) throughout a bridged local area network. MSTP uses bridge protocol data...
if the allowed number of addresses is exceeded. Access-controllist IP address blocking Private VLAN "Configuring Port Security". Cisco. Retrieved 14...
This is a list of TCP and UDP port numbers used by protocols for operation of network applications. The Transmission Control Protocol (TCP) and the User...
the placement of the IPMI management port on a dedicated management LAN or VLAN restricted to trusted Administrators. The IPMI specification has been updated...
computer network which provides access to consolidated, block-level data storage. SANs are primarily used to access data storage devices, such as disk...
resolution protocol. How to implement VLANs for the RoCE v1 protocol. Current RoCE v1 implementations store the VLAN ID in the twelfth and thirteenth byte...
firewalls, load balancers, IP addresses, virtual local area networks (VLANs), and software bundles. The NIST's definition of cloud computing describes...
initialisms appear in IT career certification exams such as CompTIA A+. List of computing and IT abbreviations Lammle, Todd (2008). CCNA IOS Commands...
encryption for serial profiles. IEC 62351-6 — Security for IEC 61850 profiles. VLAN use is made as mandatory for GOOSE RFC 2030 to be used for SNTP IEC 62351-7...
This is a list of router and firewall distributions, which are operating systems designed for use as routers and/or firewalls. List of router firmware...
simple accesscontrol features built into their Windows operating system. Homegroup is a feature that allows shared disk access, shared printer access and...
describes VLANs, and IEEE 802.1X defines a port-based Network AccessControl protocol, which forms the basis for the authentication mechanisms used in VLANs (but...
IPSec/L2TP and OpenVPN protocols Routing and Bridging capabilities with VLAN IEEE 802.1Q support Multizone DNS (Domain name system) server Multi subnet...
malicious attempts to gain unauthorized control to cause interruptions, commit fraud, engage in blackmail or access private information. Malware is malicious...
on the human body to the internet. This way, medical professionals can access patient data online using the internet independent of the patient location...