Security

ACLs can enhance security by blocking IPv6 traffic carrying an unauthorized source IPv6 address (SA). This can include:
  • blocking access from specific devices or interfaces (port or VLAN)

  • blocking access to or from subnets in your network

  • blocking access to or from the internet

  • blocking access to sensitive data storage or restricted equipment

  • preventing specific TCP, UDP, and ICMP traffic types, including unauthorized access using functions such as Telnet, SSH, and the WebAgent

You can also enhance switch management security by using ACLs to block IPv6 traffic that has the switch itself as the destination address (DA).
NOTE:

ACLs can enhance network security by blocking selected IP traffic, and can serve as one aspect of maintaining network security. However, because ACLs do not provide user or device authentication, or protection from malicious manipulation of data carried in IP packet transmissions, they should not be relied upon for a complete security solution.