rvlsoft - Fotolia
The network edge is where an enterprise network connects to a third-party network. Commonly, this connection will be a WAN service provider at the WAN edge or an internet service provider at the internet edge.
The point is: You're connecting your equipment to someone else's. In these cases, added network edge security is required to prevent malicious activity from the foreign network moving into yours.
Many tools are available to protect the network edge. The most common choice today is a traditional network-based firewall. A firewall is a great first line of defense to permit or deny traffic based on IP address and protocol or port number.
Getting more granular, you can implement an intrusion prevention system to monitor traffic to see if any known malicious signatures are matched. If a packet is found to contain a malicious signature, it is stopped and blocked from entering the secure side of your network.
More modern methods to reinforce network edge security include application-layer firewalls that perform deep packet inspection up to Layer 7 of the OSI model. These firewalls can look further into an IP packet to enable administrators to block traffic based on the application or service being used.
Other network security tools, such as network-based malware protection, data loss prevention and cloud-based threat intelligence and sandboxing services, are also great ways to protect the network edge from more advanced threats.
Dig Deeper on Edge computing
Related Q&A from Andrew Froehlich
Content delivery networks and cloud computing architectures may appear to serve the same function. But each has a specific role to play when ... Continue Reading
Prevention is the only line of defense against an extortionware attack. Learn how extortionware works and why it can be more damaging than ransomware. Continue Reading
An IAM system introduces risks to the enterprise, but the consensus is the benefits of IAM outweigh the drawbacks. What are some of the issues that ... Continue Reading