For (1), GENEVE is not very common as it is a relatively new protocol. The launch partners for GWLB are listed on the announcement page - I'm sure there will be more but customers need to talk with their chosen firewall vendor.
For (2) why does the definition of "inside" and "outside" matter? In the traditional firewall world those definitions really come from the traffic flows and with GWLB it is the same way - it is an arbitrary notion of which side is which and what normally happens is that the "inside-to-outside" flows (i.e. those that are initiated from a customer's internal network) are generally more permissive than "outside-to-inside" flows. But from the firewall's perspective there isn't much difference between them.
Admittedly, in some vendor solutions you define a "high security" and "low security" interface. But in my experience that's a little unusual as compared to others.
What the customer will probably be doing is defining which IP addresses (individual, subnets, groups) can communicate with others and that implies inside/outside relevance.