Network-Security

A firewall is a security control that filters network traffic based on defined rules so unauthorized or unnecessary communication can be limited.

A web application firewall inspects HTTP and HTTPS requests to help detect or block suspicious web traffic before it reaches an application.

Monitors traffic or activity for suspicious patterns and generates alerts without necessarily blocking the activity.

Inspects traffic for suspicious patterns and can automatically block activity that matches prevention logic.

Creates protected connectivity between devices or networks over a less trusted path such as the public internet.

Provides narrower, identity-aware access to applications without assuming network location alone should grant trust.

Network segmentation divides networks into smaller zones so traffic can be controlled more tightly and security incidents are easier to contain.

Microsegmentation applies very granular traffic controls between workloads or services so access is limited to specific allowed communications.

A demilitarized zone is a network area used to place externally reachable services away from more sensitive internal systems.

A bastion host is a specially hardened system used as a controlled access point into sensitive environments.

Deep packet inspection examines packet contents and metadata more closely than basic header-based traffic filtering.

Network access control decides whether a user or device can join a network and what level of access it receives based on identity, posture, or policy.

Egress filtering is the network-control practice of restricting which outbound connections internal systems or workloads are allowed to make.

East-west traffic is network communication between internal systems, services, or workloads rather than traffic crossing into or out of the environment.

DNS filtering controls domain resolution so users and systems are blocked from reaching risky destinations.

Controls that protect email systems, users, and workflows from fraud, malware, and data exposure.

DNSSEC adds authenticity and integrity checks to DNS data so resolvers can detect tampering or spoofing.

SSH, or Secure Shell, is a protocol used to securely administer remote systems and move command-line traffic over an encrypted connection.

Full packet capture is the recording of complete network packets so teams can inspect the contents and context of network communication in detail.

Network telemetry is the operational data that describes network activity, health, communication patterns, and security-relevant traffic behavior.

An allowlist permits only explicitly approved users, devices, applications, addresses, or destinations and blocks everything else by default.

A denylist blocks specified users, files, addresses, domains, or other items while leaving other activity permitted by default.

Interception attack where an attacker sits between parties to observe, alter, or relay traffic.

Controls that help mail systems verify whether a message came from an authorized sender.