rvlsoft - Fotolia
The network edge is where an enterprise network connects to a third-party network. Commonly, this connection will be a WAN service provider at the WAN edge or an internet service provider at the internet edge.
The point is: You're connecting your equipment to someone else's. In these cases, added network edge security is required to prevent malicious activity from the foreign network moving into yours.
Many tools are available to protect the network edge. The most common choice today is a traditional network-based firewall. A firewall is a great first line of defense to permit or deny traffic based on IP address and protocol or port number.
Getting more granular, you can implement an intrusion prevention system to monitor traffic to see if any known malicious signatures are matched. If a packet is found to contain a malicious signature, it is stopped and blocked from entering the secure side of your network.
More modern methods to reinforce network edge security include application-layer firewalls that perform deep packet inspection up to Layer 7 of the OSI model. These firewalls can look further into an IP packet to enable administrators to block traffic based on the application or service being used.
Other network security tools, such as network-based malware protection, data loss prevention and cloud-based threat intelligence and sandboxing services, are also great ways to protect the network edge from more advanced threats.
Dig Deeper on Edge computing
Related Q&A from Andrew Froehlich
While network security focuses on solely protecting networks, cloud security provides protection for networks, servers, containers, apps and more. Continue Reading
IP address leaks, DNS service leaks and WebRTC transmissions could expose your online activities if you use certain unreliable third-party VPN ... Continue Reading
Even though they have common traits, there is a difference between a Layer 3 switch and a router. Each plays a key role in making sure packets get ... Continue Reading