New ACLs (Pro)

Easily manage network access with the new Netmaker ACLs

With the latest ACL feature in Netmaker, managing network access has never been easier. This powerful addition allows network administrators to control communication between devices by defining policies that restrict or allow access.

What is an ACL?

An Access Control List (ACL) is a set of rules that specify which users or devices are allowed or denied communication within a network. ACLs are used by network administrators to control traffic flow, ensuring that only authorized entities can access or interact with certain network resources, enhancing overall network security.

There are two main types of ACL policies: User Policies and Resource Policies:

User Policies

This type of policy controls which users can access or interact with specific network devices (e.g., servers, databases, gateways). It ensures that only authorized users have permission to access sensitive devices or services.

Example: Grant the DevOps team access to the database servers while denying other teams access to the same resources, so that only the users who need those servers can reach them.

Resource Policies

This policy controls which devices (like servers, web applications, databases, or gateways) can communicate with each other. It restricts or permits communication between devices based on the network's security needs.

Example: A web server might be allowed to communicate with a database server but blocked from connecting to other devices, such as file storage servers or printers. This limits unnecessary or unauthorized traffic between devices, enhancing network security and performance.

Default Policies

The Default Policies are generated automatically whenever a new network is created. They allow unrestricted two-way communication between users and resources, and between resources themselves, so that everything can reach everything during initial setup. Because they allow all traffic, a network stays fully open until they are disabled or replaced: a narrower policy added alongside an enabled all-to-all default does not restrict anything.

  1. All Nodes: Enables all resources (e.g., servers, gateways) to communicate freely with one another in both directions.

  2. All Remote Access Gateways: Allows remote access gateways (remote-access-gws) to communicate with all resources and vice versa.

  3. All Users: Grants all users full access to all resources, ensuring open two-way communication.

  4. Network Admin: Grants users in the netmaker Admin Group and the All Networks Admin Group full two-way communication with the remote access gateways (remote-access-gws) and associated resources.

  5. Network User: Grants users in the netmaker User Group and the All Networks User Group unrestricted access to remote access gateways (remote-access-gws) and associated resources in both directions.
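To make the interaction between the default policies and the user and resource policies concrete, here is a small Python model of ACL evaluation. It is an added example, not Netmaker's code, and it assumes allow-list semantics (traffic is permitted only when an enabled policy matches, otherwise denied), that a selector is a literal name, a tag or group name, or one of the "all-*" wildcards, and that the Network Admin and Network User defaults cover the remote access gateways only. The node names, tags, group names such as netmaker-admin, and the policy names added by lock_down are constructed sample data.

```python
"""Toy model of Netmaker-style ACL evaluation (added example, not Netmaker code).

Assumptions not stated on the page: policies are allow-lists, traffic that no
enabled policy matches is denied, and a selector is a literal node/user name,
a tag or group name, or one of the "all-*" wildcards below.
"""
from dataclasses import dataclass, field

ALL_NODES = "all-nodes"
ALL_RAGS = "all-remote-access-gws"   # all remote access gateways
ALL_USERS = "all-users"
RAG_TAG = "remote-access-gw"         # assumed tag that marks a gateway node


@dataclass
class Policy:
    name: str
    kind: str              # "user": src are users/groups; "resource": src are nodes/tags
    src: frozenset
    dst: frozenset
    enabled: bool = True
    two_way: bool = True   # resource policies: also allow dst -> src


@dataclass
class Network:
    nodes: dict            # node name -> set of tags (constructed sample data)
    users: dict            # user name -> set of groups (constructed sample data)
    policies: list = field(default_factory=list)

    def node_matches(self, selector, node):
        tags = self.nodes[node]
        return (selector == ALL_NODES
                or (selector == ALL_RAGS and RAG_TAG in tags)
                or selector == node
                or selector in tags)

    def user_matches(self, selector, user):
        return (selector == ALL_USERS
                or selector == user
                or selector in self.users[user])

    def policy_for(self, name):
        return next(p for p in self.policies if p.name == name)


def default_policies():
    """The five policies the page says every new network starts with.
    Group identifiers are assumed names, not Netmaker's actual ones."""
    return [
        Policy("All Nodes", "resource", frozenset({ALL_NODES}), frozenset({ALL_NODES})),
        Policy("All Remote Access Gateways", "resource", frozenset({ALL_RAGS}), frozenset({ALL_NODES})),
        Policy("All Users", "user", frozenset({ALL_USERS}), frozenset({ALL_NODES})),
        Policy("Network Admin", "user", frozenset({"netmaker-admin", "all-networks-admin"}), frozenset({ALL_RAGS})),
        Policy("Network User", "user", frozenset({"netmaker-user", "all-networks-user"}), frozenset({ALL_RAGS})),
    ]


def user_can_reach(net, user, node):
    """Name of the first enabled user policy that lets `user` reach `node`, else None."""
    for p in net.policies:
        if not p.enabled or p.kind != "user":
            continue
        if any(net.user_matches(s, user) for s in p.src) and any(net.node_matches(d, node) for d in p.dst):
            return p.name
    return None


def node_can_reach(net, src, dst):
    """Name of the first enabled resource policy that lets `src` talk to `dst`, else None.
    Two-way policies also match when the pair is reversed."""
    for p in net.policies:
        if not p.enabled or p.kind != "resource":
            continue
        fwd = any(net.node_matches(s, src) for s in p.src) and any(net.node_matches(d, dst) for d in p.dst)
        rev = p.two_way and any(net.node_matches(s, dst) for s in p.src) and any(net.node_matches(d, src) for d in p.dst)
        if fwd or rev:
            return p.name
    return None


def sample_network():
    """Constructed network: a web server, a database, a file server and one gateway."""
    return Network(
        nodes={"web": {"web"}, "db": {"db"}, "files": {"storage"}, "gw1": {RAG_TAG}},
        users={"alice": {"devops"}, "bob": {"finance"}, "carol": {"netmaker-admin"}},
        policies=default_policies(),
    )


def lock_down(net):
    """Apply the two example policies from the page: DevOps -> db, web -> db.
    Disabling the open defaults is what makes them bite; with "All Users" and
    "All Nodes" still enabled the new policies would add nothing."""
    net.policy_for("All Users").enabled = False
    net.policy_for("All Nodes").enabled = False
    net.policies.append(Policy("DevOps to DB", "user", frozenset({"devops"}), frozenset({"db"})))
    net.policies.append(Policy("Web to DB", "resource", frozenset({"web"}), frozenset({"db"})))
    return net


if __name__ == "__main__":
    fresh = sample_network()
    print("fresh network, bob -> db:", user_can_reach(fresh, "bob", "db"))
    locked = lock_down(sample_network())
    for who, target in [("alice", "db"), ("bob", "db"), ("carol", "gw1")]:
        print(f"locked, {who} -> {target}:", user_can_reach(locked, who, target))
    for a, b in [("web", "db"), ("db", "web"), ("web", "files"), ("files", "gw1")]:
        print(f"locked, {a} -> {b}:", node_can_reach(locked, a, b))
```

In the fresh network every check succeeds through "All Users" or "All Nodes". After lock_down, alice reaches the database through "DevOps to DB" while bob is denied, web and db can talk in both directions through the single two-way "Web to DB" policy, web cannot reach the file server, and the still-enabled "All Remote Access Gateways" default keeps gw1 reachable from every node.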

How to Add ACLs in Netmaker

Navigate to the Access Control tab in your Netmaker network.

Click on Try New ACL to proceed.