Sectona-Logo

Time-Based Access Control

Enforcing rules and policies on the organizational resource on a periodical basis

What is a Time-Based Access Control List?

Access Control Lists are a set of rules defined for filtering traffic through a network, moderating the risk of attacks. These rules are basically a set of permit/deny conditions, matched sequentially one after another until one condition is met and executed. A Time-Based Access List is a type of access list defined to control traffic to the network based on a time period. This method comes into the picture when an organization wishes to impose restrictions on incoming/outgoing traffic based on a particular timeframe in a day, week, or month.

What is the Importance of Time-Based Access Control?

Time-Based Access Lists are used to restrict access control based on time. Like, when an organization wants to limit internet access during the weekdays for all employees or restrict access to servers for a finite time on weekends by implementing Time-Based Access Lists limiting access to the internet or servers according to the requirement.

Simply put, with time-based access control, one can establish granular enforcement of permitting/denying access pertaining to the set time period. In other words, it offers more power and mitigates the risk of a security breach.

How to Implement it?

A Time-Based Access List can be implemented with the help of the following procedure:

  1. Define a time range with the help of the keywords’ absolute’ or ‘periodic’, wherein if we want to control access for a definitive timeframe, we use the keyword absolute, and if we’re going to control access for a specified timeframe on a periodic basis like every weekend, we use the keyword periodic.
  2. Identify the ACL and apply the time range to the ACL statements.
  3. Apply the Time-Based Access List to an interface or Virtual Terminal Lines of the Router to control access according to the requirement.

Advantages

Implementing a Time-Based Access List may result in the following advantages:

  • Easy Implementation
  • Control over traffic to a Network Administrator, who can permit or deny the traffic based on defined time-range
  • Network Administrators have control over logging messages where they can restrict access during peak hours, avoiding analysis of massive message logs as access lists log traffic only during a specific time of the day and not constantly.

How is a Time-Based Access Control Policy Maintained?

A time-based access control policy provides guidelines and high-level rules on access to resources and data. The policy is then implemented via specific procedures in order to adhere to the predetermined timeframe.

Is Authorization the Same as Access Control?

If authorization defines a policy, access control enforces it. The two terms are not interchangeable. They do, however, work hand in hand. Once you have been authorized, the system knows who you are and what you must see. The access control system unlocks the assets, so you can perform the operations you need to do.

How Does Sectona Help?

Sectona Privileged Access Management provides an in-built Time-Based Access feature which facilitates granular filtering of data packets ensuring adequate security and protection of the organizational assets. As detailed below in a preview of the solution, a User Policy entitles users to restrict and control data flow according to the requirement.