Egress filtering is a process in which outbound data is monitored or restricted, usually by means of a firewall that blocks packets that fail to meet certain security requirements. The word "egress" means "outgoing"; an egress router, for example, is one through which packets leave a network on their way to another network.
The main purpose of egress filtering is to ensure that unwanted or destructive traffic (such as malware, unauthorized e-mail messages, or requests to Web sites) do not leave a particular network. An example might be the use of a firewall to keep students on a university's campus network from sending out malware or copyrighted material from any of the computers within that network. Egress filtering can also be used to allow only certain servers or computers within an organization's network to send data out of that network. This precaution can prevent, for example, employee use of corporate computers for casual Web surfing or excessive personal correspondences.