Common Network Security Functions
ADR-0021 · Author: Sybil Melton · Date: 2025-02-07 · Products: platform
Originally
Originally
0036_common-network-security-functions (v5) · Source on Confluence ↗Common network security functions and where it is typically deployed in the topology.
| Network Security Function | Ingress | Egress | East-West |
|---|---|---|---|
| Web Application Firewall [WAF] | - Cloudflare - Cloud Armor - inline appliance | ||
| Intrusion Prevention [IPS] | - inline appliance | - inline appliance | |
| State Firewall and ACL | - Cloud Firewall Essentials | ||
| AntiVirus Protection/Blocking | - inline appliance - Host agent | - inline appliance - Host agent | - inline appliance - Host agent |
| URL/FQDN Filtering | - inline appliance - Cloud Firewall Standard | - inline appliance - Cloud Firewall Standard | - inline appliance - Cloud Firewall Standard |
| Data Loss Prevention [DLP] | - inline appliance - Cloud DLP | ||
| Layer7 doS | - inline appliance | - inline appliance | - inline appliance |
| Malicious IP Blocking | - inline appliance - Cloud Firewall Standard | - inline appliance - Cloud Firewall Standard | |
| GeoIP Blocking | - inline appliance - Cloud Firewall Standard | - inline appliance - Cloud Firewall Standard | |
| Intrusion Detection [IDS] | - Packet mirroring policy on Cloud firewall to collector - inline appliance | - Packet mirroring policy on Cloud firewall to collector - inline appliance | - Packet mirroring policy on Cloud firewall to collector - inline appliance |
| Threat Packet Captures | Packet mirroring policy to IDS collector | - Packet mirroring policy to IDS collector | - Packet mirroring policy to IDS collector |
Last updated on