Chapter 3. Implementing Security Policies

In Chapter 1, you learned that security, robustness, and business drivers are the primary motivations for implementing network traffic policies, and in Chapter 2 you learned how to format, build, and maintain standard and extended access lists. With this background, you are now ready to implement policies for the first key motivation: security. There are three sections in this chapter. Since security policies most often use two different tools in the network administrator’s policy tool kit—router resource control and packet filtering—there is a section on each. Router resources are services the router itself offers, such as Telnet login or SNMP access, that any network administrator should manage closely. Packet filtering, or regulating what kinds of packets can flow through the router, is commonly used in firewall applications. Since access lists consume resources on the router, I have included Section 3.3 in this chapter, which describes some alternatives to access lists you might want to consider when implementing security policies.

Router resource control

As I have said, creating router resource policies requires building policy sets of host IP addresses and giving those policy sets permission to use a router resource. The most common examples, discussed later in this chapter, are policy sets of hosts allowed to log into a router, but other examples might include controlling SNMP access to router information or permission to use the router ...
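The two router resources named in the chapter introduction and in this section, vty login and SNMP, are the ones most often left open to any host that can reach the router. The following configuration is an added example, not taken from the book, that shows a policy set of management hosts expressed as a standard access list and then bound to both resources; the addresses are constructed from RFC 5737 documentation space, the community string is a placeholder, and a local username is assumed to exist already.

```cisco
! Added example, not from the book. Policy set: the two management hosts
! (constructed addresses from RFC 5737 space).
access-list 10 remark management-hosts
access-list 10 permit host 192.0.2.10
access-list 10 permit host 192.0.2.11
! The implicit deny at the end would silently drop everything else;
! an explicit deny with the log keyword records who was refused.
access-list 10 deny   any log
!
! Weak: any host that can reach the router may attempt a vty login.
line vty 0 4
 login local
!
! Corrected: only hosts in policy set 10 may open a vty session, and
! only over SSH. access-class is applied to the line, not to an interface.
! (Assumes a local username has been configured for "login local".)
line vty 0 4
 access-class 10 in
 login local
 transport input ssh
!
! Weak: a well-known community string, readable from any source address.
snmp-server community public RO
!
! Corrected: remove the default string and bind a non-default read-only
! community to the same policy set (the trailing 10 is the ACL number).
no snmp-server community public
snmp-server community m4nage-ro RO 10
```

After applying this, check the policy from a host outside the set as well as from one inside it, and inspect the hit counters with `show access-lists 10`: a growing count on the deny entry is the first sign that something other than your management hosts is probing the router. Because the same access list is referenced by both `access-class` and `snmp-server community`, a host added to or removed from the policy set changes its permission for both resources at once, which is the point of building the set once and reusing it.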

Get Cisco IOS Access Lists now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.