Receive daily AI-curated summaries of engineering articles from top tech companies worldwide.
Endigest AI Core Summary
Google Cloud NGFW Enterprise introduces domain and SNI-based URL filtering with wildcard support to overcome the limitations of IP-based firewall rules in cloud environments.
•Domain and SNI filtering inspects L7 HTTP(S) headers, enabling granular egress control beyond traditional IP/FQDN-based filtering
•TLS traffic can be filtered via SNI headers during the TLS handshake without requiring full decryption, preserving end-to-end encryption
•Wildcard domain matching (e.g., *.example.com) covers all subdomains with a single rule, reducing operational overhead
•URL filtering protects against SNI header spoofing by evaluating L7 headers before granting application access
•Setup involves three steps: deploying NGFW endpoints, creating security profiles with URL filters, and referencing them in firewall policy rules
This summary was automatically generated by AI based on the original article and may not be fully accurate.
Google Cloud
The Hacker News