IPset

Also known as: FWset

IPsets are an extension to Linux iptables firewalling functionality and are part of the larger netfilter framework. IPsets allow administrators to write firewall rules that match sets of IP ranges or ports efficiently.

One example use case is to create a blacklist in your firewall for IP addresses that are known to be malicious actors. An administrator will maintain an IPset containing the blacklisted IP addresses and create a firewall rule that will drop all traffic from the set. These sets are stored as binary indexes allowing for efficient lookup.
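As an added example (not part of the original entry), the shell function below turns a list of addresses into an `ipset restore` script that refills a blocklist set and swaps it in, so the drop rule always matches against a complete set. The set name `blocklist`, the function names and the sample addresses are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: build an `ipset restore` script for a blocklist update.
SET=blocklist            # hypothetical set name
TMP="${SET}-tmp"         # scratch set, filled first and then swapped in

# Constructed sample feed (RFC 5737 documentation ranges); the last entry
# is deliberately malformed to show the validation.
sample_feed() {
cat <<'EOF'
# one IPv4 address or CIDR per line
198.51.100.7
203.0.113.0/24
192.0.2.999
EOF
}

# stdin: feed lines; stdout: restore commands; stderr: rejected entries.
gen_restore() {
    echo "create $SET hash:net family inet"
    echo "create $TMP hash:net family inet"
    echo "flush $TMP"
    awk -v set="$TMP" '
        { sub(/#.*/, ""); gsub(/[ \t\r]/, "") }   # drop comments, whitespace
        $0 == "" { next }
        {
            n = split($0, p, "/"); ok = (n <= 2)
            # hash:net cannot store a zero-length prefix, so accept 1..32
            if (ok && n == 2) ok = (p[2] ~ /^[0-9]+$/ && p[2] + 0 >= 1 && p[2] + 0 <= 32)
            if (ok) {
                m = split(p[1], o, "."); ok = (m == 4)
                for (i = 1; ok && i <= 4; i++)
                    ok = (o[i] ~ /^[0-9]+$/ && length(o[i]) <= 3 && o[i] + 0 <= 255)
            }
            if (ok) print "add " set " " $0
            else print "skipped invalid entry: " $0 > "/dev/stderr"
        }'
    # swap exchanges the contents of the two sets in a single step
    echo "swap $TMP $SET"
    echo "destroy $TMP"
}

# Apply as root (-exist tolerates sets and entries that already exist):
#   sample_feed | gen_restore | ipset -exist restore
# Drop rule, added once; it keeps referring to the set by name across swaps:
#   iptables -I INPUT -m set --match-set blocklist src -j DROP
```

Because the rule references the set by name, later updates only rerun the restore step and never touch the iptables ruleset.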

IPsets also simplify certain network configurations such as network segmentation.