Last updated September 26th, 2024 by Erez Tadmor
“Where you headed, cowboy?”
“Nowhere special.”
“Nowhere special? I always wanted to go there.”
Firewall management can sometimes feel like routing the wild west, but – hold your horses – there is definitely a strong level of control you possess in how your network handles inbound and outbound traffic.
Looking outside the – critical area of – rules, firewall management also includes determining how its traffic flows within networks. And “North-South vs. East West Traffic filtering” is just the start of the data flow discussion.
This blog will look at the basics of firewall traffic (inbound, outbound, etc.), as well as how network traffic is managed – and secured – as it enters, leaves, and moves laterally within the network. We’ll also dive into recommendations for how to optimize for your firewall rules, and the network security solutions and technologies that can play a hand in managing, tackling, and/or handling all of the above.
Inbound and Outbound Firewall Traffic
Before we grab the compass out of our satchel, let’s quickly cover what “inbound” and “outbound” firewall traffic (and their associated rules) cover.
When it comes to firewall rules, inbound rules serve as the real-time firewall “gatekeeper”: they focus on the source(s) of incoming traffic, whether that’s from the internet or other networks. Inbound traffic requires configuration around access (and blocking unauthorized users), particularly in order to keep potential threats (like malware) from making their way into your network(s).
As for the outbound type of traffic, rules around this – particularly in the zero trust network security model – monitor and control traffic that leaves your network. Examples include simple web requests to more complex data sharing with external services.
North-South vs. East-West Traffic Filtering
Up next, where could – and should – the data in your network firewalls be moving? There are two areas:
- North-South traffic, which inspects and filters data moving between an internal and an external network (think the world wide web)
For example, data entering a data center would be considered southbound traffic, while data exiting a data center is northbound traffic.
- East-West traffic, which enables data movement across cloud networks and web apps
This is the data moving within an internal network, and could include data traveling between servers or network devices in a data center. And, as noted above, it’s also the way in which data moves across private and public cloud networks and web apps.
Put even more succinctly, especially for those thinking in terms of API traffic:
- North-South traffic is for third parties and external systems
- East-West traffic is for internal web applications
Ready. Aim. Firewall(s)
Now that we know where and how this traffic can flow, let’s look at how to properly filter North-South and East-West traffic. And, you guessed it, when thinking about cybersecurity and security controls, a firewall is the way to go.
Firewalls include North-South traffic, which inspect and filter malicious activity, as well as point out potential vulnerabilities. They also include East-West traffic, which enables network segmentation – and, of course, inspection – of their traffic. And when it comes to which type of firewall(s), you’ve got options.
Herding – and Securing – Your Traffic: No Prodding Necessary
When it comes to traffic filtering, consider Tufin your lucky horseshoe. Thankfully, though, we’re not built on luck, so much as a centralized platform that provides end-to-end visibility, security policy automation, and firewall management all in one place.
Want to learn more? Hop off your wagon and head into our saloon for a free live demo with our firewall management posse.
Don't miss out on more Tufin blogs
Subscribe to our weekly blog digest