Monday, December 23, 2019

Discuss the Roles and Motivations for Separately Filtering...

Discuss the roles and motivations for separately filtering ingress and egress traffic in the enterprise network. Describe separate conditions for both ingress and egress traffic as they transit the network. Discuss: What roles do ingress and egress filtering play in protecting a network? How do protective isolations help to protect a network? Why do we need to separate and isolate the types of traffic? Ingress filtering is the filtering of any IP packets with untrusted source addresses before they have a chance to enter and affect your system or network. It can protect users from malicious attacks based on spoofing, where a hacker attempts to make a packet look like it originated from somewhere else. Internet service providers (ISPs)†¦show more content†¦Especially communication between servers has very predefined patterns of communications. By only allowing this traffic you are sure that no one wills accidently compromise the server by adding new software, and thus raise the security. . The main purpose of egress filtering is to ensure that unwanted or destructive traffic (such as malware, unauthorized e-mail messages, or requests to Web sites). To create an isolated network, you need to separate the various types of computers on the organization network according to the type of access you want the computers to have. The communication requirements are the following: Computers on the isolated network can initiate communications with all of the computers on the organization network, including those that are not located on the isolated network. Computers that are not on the isolated network can initiate communications only with other computers that are not on the isolated network. They cannot initiate communications with computers on the isolated network. REFERENCE http://msdn.microsoft.com/en-us/library/ff648651.aspx http://whatis.techtarget.com/definition/egress-filtering

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.