Systems and methods control access to an iSCSI target on a storage area network. The systems and methods include an access control list having a set of one or more entries. Each entry may have an access control type and an access control value. Requests may be received from an initiator on a host connected to the system through a network interface. The request may include a set of one or more initiator authentication values, each of the initiator authentication values having an initiator authentication type. The access control list may be searched for an entry matching the authentication type and value. If such an entry is not found, access to the target may be denied.