rvlsoft - Fotolia
The network edge is where an enterprise network connects to a third-party network. Commonly, this connection will be a WAN service provider at the WAN edge or an internet service provider at the internet edge.
The point is: You're connecting your equipment to someone else's. In these cases, added network edge security is required to prevent malicious activity from the foreign network moving into yours.
Many tools are available to protect the network edge. The most common choice today is a traditional network-based firewall. A firewall is a great first line of defense to permit or deny traffic based on IP address and protocol or port number.
Getting more granular, you can implement an intrusion prevention system to monitor traffic to see if any known malicious signatures are matched. If a packet is found to contain a malicious signature, it is stopped and blocked from entering the secure side of your network.
More modern methods to reinforce network edge security include application-layer firewalls that perform deep packet inspection up to Layer 7 of the OSI model. These firewalls can look further into an IP packet to enable administrators to block traffic based on the application or service being used.
Other network security tools, such as network-based malware protection, data loss prevention and cloud-based threat intelligence and sandboxing services, are also great ways to protect the network edge from more advanced threats.
Dig Deeper on Edge computing
Related Q&A from Andrew Froehlich
Migrating to UCaaS doesn't mean organizations need to leave legacy hardware behind. But organizations must ensure UC devices are compatible with ... Continue Reading
Cost, complexity and interoperability issues with existing network components are some of the weaknesses of SD-WAN that organizations need to ... Continue Reading
A migration from WPA2 to WPA3 is not simple. Organizations may need to update their hardware extensively to accommodate the newer Wi-Fi encryption ... Continue Reading