Ingress filtering is the filtering of incoming traffic. It is functionally equivalent to packet filtering and prevents suspicious traffic carrying malware from entering a network. Ingress filtering is used by enterprises and Internet service providers (ISPs) and is performed by edge devices, edge routers, and firewalls that inspect the IP headers of incoming data packets for suspicious bit patterns.
For IP traffic, ingress filtering blocks incoming packets whose source is an IP address used internally on the network. This ensures that attackers cannot manipulate internal IP addresses for their own purposes. The same applies to attacks via loopback and multicast addresses. Ingress filters can also block unwanted traffic from certain regions that are considered dangerous. For this purpose, the corresponding country or company addresses can be blacklisted.
If suspicious bit patterns are detected in an IP header, access to the network is blocked. Ingress filtering is designed to prevent attacks such as DoS attacks that use IP spoofing. Traffic going out of a network is monitored using egress filtering.
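The source-address checks described above can be sketched as a small decision function. This is an added example, not code from the original page; the internal prefixes, the blocklisted range and the sample source addresses are constructed assumptions.

```python
import ipaddress

# Assumed for this example: prefixes used inside the protected network.
INTERNAL_PREFIXES = [ipaddress.ip_network(p)
                     for p in ("10.0.0.0/8", "192.168.0.0/16", "fd00::/8")]
# Assumed blocklist entry (a documentation range standing in for an
# unwanted region or company allocation).
BLOCKLIST = [ipaddress.ip_network("203.0.113.0/24")]


def _in_any(addr, networks):
    """True if addr falls inside any network of the same IP version."""
    return any(addr.version == n.version and addr in n for n in networks)


def ingress_verdict(src, internal=INTERNAL_PREFIXES, blocklist=BLOCKLIST):
    """Decide the fate of a packet arriving on the external interface.

    Returns (action, reason). Only the source address is examined,
    mirroring the header checks an edge router or firewall applies.
    """
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return ("drop", "malformed")
    if addr.is_loopback:
        return ("drop", "loopback")      # loopback never arrives from outside
    if addr.is_multicast:
        return ("drop", "multicast")     # multicast is not a valid source
    if _in_any(addr, internal):
        return ("drop", "internal")      # internal source on the outside: spoofed
    if _in_any(addr, blocklist):
        return ("drop", "blocklist")
    return ("accept", "no-match")


def filter_batch(sources):
    """Apply ingress_verdict to a list of source addresses."""
    return {src: ingress_verdict(src) for src in sources}


# Constructed sample source addresses, one per rule plus one clean case.
SAMPLE_SOURCES = ["10.1.2.3", "127.0.0.1", "224.0.0.5", "::1",
                  "203.0.113.77", "198.51.100.10", "not-an-ip"]

if __name__ == "__main__":
    for src, (action, reason) in filter_batch(SAMPLE_SOURCES).items():
        print(f"{src:>15}  {action:<6}  {reason}")
```

The rule order matters: loopback and multicast sources are rejected before the prefix lists are consulted, so a misconfigured internal prefix cannot accidentally admit them.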