Egress filtering

Egress filtering is a method of restricting a computer network's traffic for the purpose of enforcing security. Outgoing packets are monitored as they pass through a router or gateway, and if they violate any security policies, they are denied egress: they are not allowed to exit the network.

In corporate networks that practice egress filtering, packets are usually restricted if they did not originate from a limited set of trusted internal servers. They might also be restricted by protocol — for instance, only HTTP (HyperText Transfer Protocol), DNS (Domain Name System), and e-mail packets might be allowed to leave the network, and others might be restricted.

Access control, Filter, Firewall, Network, Network security, Network terms, Security