Egress security in the public cloud comprises a significant portion of the total security posture toward protecting public cloud workloads. Questions arise as to what is adequate, good, better, and best when protecting the applications requiring egress to public internet and limiting the “blast radius” in the event of a security breach.
- Where am I vulnerable?
- Is FQDN, or URL, filtering better?
- Should I care about Data Loss Prevention (DLP)?
- Should I deploy a proxy?
- Maybe I need Malware detection also?
- How can I determine if my data is compromised?
- What are my workloads really accessing and why?
Compare Valtix to Aviatrix egress filtering and cloud firewall in this critical capabilities report.
|Functions||NAT Gateway||Squid Proxy1||Aviatrix FQDN||Valtix Egress|
|Forward/Reverse Proxy (as needed)|
|Custom Lists for Domain Category|
|Auto Discovery (App-Tag-based)|
|Auto Malware Detection|
|Data Loss Prevention (DLP)|
|Flow Log Visibility|
|Multi AZ High Availability|
|Allowed/Denied Session Logs|
|Automation and Management|
|Managed Service (SaaS)|