Security

ACLs can enhance security by blocking IPv6 traffic carrying an unauthorized source IPv6 address. This can include:
  • blocking access to or from subnets in your network

  • blocking access to or from the internet

  • blocking access to sensitive data storage or restricted equipment

  • preventing specific TCP or UDP functions (such as Telnet, SSH, web browser) for unauthorized access

You can also enhance switch management security by using ACLs to block inbound or outbound IP traffic that has the switch itself as the destination address (DA).
NOTE:

ACLs can enhance network security by blocking selected IP traffic, and can serve as one aspect of maintaining network security. However, because ACLs do not provide user or device authentication, or protection from malicious manipulation of data carried in IP packet transmissions, they should not be relied upon for a complete security solution.