The common match fields in firewall rules refer to a packet's source and destination IP addresses, protocol, and source and destination port numbers. However, most firewalls are also capable of filtering based on a packet's direction: which network interface card the packet is crossing, and whether the packet is crossing the interface from the network into the firewall (''Inbound'') or vice versa (''Outbound''). Taking a packet's direction into account in the firewall's rules is extremely useful: it lets the firewall administrator protect against source address spoofing, write effective egress-filtering rules, and avoid unpleasant side-effects when referring to subnets that span the firewall.
Did you find this white paper useful?
Related white papers
Balancing Security Against Productivity
What makes for great security? Is it about keeping the bad guys out or letting the good guys in? About defending attacks or preventing them? When IDG Research Services queried...
Novell Zenworks Endpoint Security Management: Total Control from a Single Console
Still super gluing your USB ports shut? Unauthorized access to networks, lost or stolen laptops and other mobile hardware, and theft of proprietary information or intellectual property accounted for more...
Secure Desktop On-Demand Webcast
The desktop or endpoint is one of the most vulnerable parts of your environment. Threats are everywhere. You have users who love to experiment with device settings (only to wonder...
Unisys Australia Leverages Nortel Networks Alteon Technology to Power Rugby World Cup 2003 Tournament Views/Information System and Global Website
In more than 100 countries, Unisys delivers IT services, including systems integration, outsourcing, infrastructure, server technology and consulting. With 20 nations competing in 48 matches in 11 locations around Australia...
Small Business Webcast: Upgrade Today: An Overview of Windows XP Service Pack 2 - Level 100
Did you know that the Windows XP Service Pack 2 has a number of security enhancements to help you protect your PC? In this webcast, you will find out more...
Engineering e-Business Applications for Security
Without on-demand security there's no on-demand business. Today e-business applications provide critical links among businesses, customers and partners. Any vulnerability translates quickly into loss of revenue, confidence and trust. Traditionally,...
Protecting the Enterprise Network: Layered Network Security Defense
Securing the network perimeter and prohibiting unauthorized access from within can prove to be a daunting challenge. Today's businesses must guarantee uninterrupted access to network resources. Products must be designed...
