(also inbound filtering)
Ingress filtering definition
Ingress filtering is a network security mechanism that protects a network by checking and controlling the incoming traffic. In computer networking, “ingress“ refers to the process of data entering a network or passing through a network boundary, for example, a router or firewall. It works like a security guard at the entrance of a building, allowing only authorized people to enter and keeping out anyone who shouldn’t be there.
Ingress filtering usually operates at the network layer (Layer 3) of the TCP/IP protocol stack, examining the headers of incoming IP packets. It involves comparing the source IP address of the packet against a set of predefined rules or access control lists. If the source IP address is found to be invalid or not permitted based on the defined policies, the packet is dropped or discarded.
The main purpose of ingress filtering is to stop harmful or unauthorized data from getting into a network. It helps protect against different types of attacks, like IP spoofing and distributed denial-of-service (DDoS) attacks, by filtering out packets with forged or illegitimate source IP addresses. By using ingress filtering, organizations can make their networks safer and more reliable.