Infrastructure ACLs Application Best Practices
When implementing Infrastructure ACLs, it’s important to determine the direction of traffic filtering—whether inbound or outbound—based on specific security goals. For instance, infrastructure ACLs designed to prevent various incoming ICMP message types would typically be applied inbound on the Internet-facing interface to protect edge routers by dropping incoming ping requests, and ensuring that such traffic doesn’t propagate beyond intended destinations within the network. Customizing these ACLs based on specific network architecture and security requirements is crucial to maintaining robust network security.
Links
https://networklessons.com/security/infrastructure-access-list