ACLs: Filter for RFC 1918 addresses (172.16.0.0/12)

Gavin M. Dennis

22 April 2022 00:21

Details

ACLs (filters) can be used is to mitigate attacks at the data plane. Based on RFC1918/3330 certain blocks of IPs were designated for private networks and as such should not be routed on the Internet.

Solution

Run the following command on the device to configure these ACLs:
configure filter ip-filter entry create
description
match src-ip /
action drop
exit

Supportive Information

The following resource is also helpful.

https://infoproducts.alcatel-lucent.com/aces/cgi-bin/dbaccessfilename.cgi/9305050101_V1_SR-OS Security Best Practices v2.0.pdfhttps://infoproducts.alcatel-lucent.com/aces/cgi-bin/dbaccessfilename.cgi/9305050101_V1_SR-OS Security Best Practices v2.0.pdf

This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Alcatel.

References

800-53|SC-7

Source

Tenable.com/audits

PS. Before you go.

Request a quote to protect your organisation from cyber attacks and breaches.

Was this article helpful?

0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.

Articles in this section