ACL Optimization Paper

March 30th, 2007 by gareth

For my Networking, Level 3 BSc module Dr Vic Grout asked to research and write a paper on Access Control List (ACL) Optimization.

Heres mine to download

You will need a PDF Viewer to open and read it.

Comments welcome.

Posted in Cisco, Life, Networks, Security, University

One Response

  1. Karsten
    August 19th, 2007 at 8:04 pm

    Two additions to your paper:
    1st: To do an automatic optimization of ACLs you can use Turbo-ACLs (Command “access-list compiled”). Some time ago they were only available on high-end devices, now they are also on the low-end devices like ISR 1800.

    2nd: There is one reason to not only optimize for speed: If the ACLs get bigger and bigger, IMO readability is more important than speed. Always think about the old Cisco-TAC rule “never configure things you can’t explain to a TAC-Engineer at 2am”. And if you do many reorderings for speed, the ACL won’t be readable any more.

Leave a Comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word

Please note: Comment moderation is enabled and may delay your comment. There is no need to resubmit your comment.