As you know I'm working as an Cisco network engineer and I wanna show you some of our trolling in our office.
We have a few trainees...Who aren't that skilled yet...
I add this rule in our firewall:
access-list inside_access_in line 1 extended deny ip host 172.21.11.203 any
It's an access list, who can access the internet or not.
That IP-address is the ip address of one of our trainees.
Deny ip sais he is denied by Ip protocol, so all protocols.
Blocked to any, so he can't access the internet.
_________________Proud Clan leader