What is an access control list (ACL)? An access control list is a list, stored in a network router, of devices allowed on a network. This list determines which devices can connect to the network and which cannot. With such a list, a Wi-Fi administrator (or home user) can block unauthorized access to their network.
Access control lists are configured by a wireless router. A network hub device will not work. A network hub allows all traffic to go both ways; it does not filter any traffic. A router filters traffic, it can block traffic in any direction or redirect traffic. A router can be a basic router (ie NetGear, Linksys) from any electronics store, an advanced router (ie Cisco router), or a server/workstation configured as a router. A router stores information in its ACL and, based on that information, directs traffic in and out of a network.
This screenshot shows the access control list of a NetGear router. This list has one device listed. If Access List was enabled, only this device could access the wireless network. You can create an ACL on a router and choose not to implement access filtering, but if you spent time creating the list, you might as well use it. Today there are more devices that can access a WiFi network than a few years ago. Such devices are smartphones, gaming systems, laptops, tablets, etc.
Most routers are preconfigured to broadcast their SSID (the name of your Wi-Fi network) and allow any traffic to connect. Most of the users are now familiar with protecting their Wi-Fi networks by adding a network access password. This helps protect your network, but hackers may be able to find your network password. Adding an access control list will help further reduce unauthorized access by adding a second layer of defense. An access list stores the MAC address of the device. If the computer trying to access the network does not appear on this list, it will not be allowed to access the network. There are some hackers that can hijack a valid MAC address, so there are no 100% secure systems, but some security is better than nothing. An additional security measure we could add (after implementing ACL) would be to disable SSID broadcast. This will cause some problems with some WIFI devices that automatically join the wifi network, but it’s worth the security.
Check your specific router’s manual for the correct way to configure your specific router. We will discuss SSID broadcasting in a future post, subscribe to the blog for alerts on future posts.
