Ingress/Egress

Is it safe to say that the Egress policies are more important than the Ingress policies on the firewall or router?

From the videos in Volume 2, the Ingress traffic for the most part is being handled by NAT and in order for the malware to be effective after making its way into the network, it has to be able to get outside the network. Not to say that the Ingress policies aren’t important, just the Egress policies are more important.

As always it depends! Obviously some firewalls/routers are not implementing NAT. It's important to deny traffic in and out that is undesirable. What is denying that traffic could be NAT, a router's ACL, a proxy, a firewall etc.

It is most important that the inbound connections are prevented, but in a home network inbound connections are usually stopped by NAT so are not a consideration, as you said. Unless you have Universal Plug and Play (UPnP) enabled!!! Outbound is usually completely open. But adding rules outbound offers little protection anyway, as malware and hackers use HTTP/HTTPS, which would always be open.

The truth is that perimeter security is quite a weak control anyway. Security has to travel with the asset you're trying to protect.
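The reasoning in the reply above, modelled as a small stateful perimeter check. This is an added example, not part of the original thread or the course material. The `Perimeter` class, the sample packets and the forwarded port 3389 are all constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass(frozen=True)
class Packet:
    direction: str  # "out" = LAN to internet, "in" = internet to LAN
    lan: tuple      # (LAN host, port)
    wan: tuple      # (internet host, port)

@dataclass
class Perimeter:
    egress_ports: Optional[set] = None          # None = outbound completely open
    forwards: set = field(default_factory=set)  # inbound port mappings (e.g. made via UPnP)
    state: set = field(default_factory=set)     # NAT / connection-tracking table

    def allows(self, p: Packet) -> bool:
        if p.direction == "out":
            if self.egress_ports is not None and p.wan[1] not in self.egress_ports:
                return False
            self.state.add((p.lan, p.wan))  # replies to this flow are now expected
            return True
        # Inbound: only replies to tracked flows, or traffic to a forwarded port.
        return (p.lan, p.wan) in self.state or p.lan[1] in self.forwards

# Constructed sample traffic (documentation address ranges, not real hosts).
PC = ("192.168.1.10", 40000)
UNSOLICITED = Packet("in", ("192.168.1.10", 3389), ("203.0.113.5", 50000))
BROWSING = Packet("out", PC, ("198.51.100.7", 443))
CALLBACK = Packet("out", PC, ("203.0.113.9", 443))   # malware using HTTPS
CALLBACK_REPLY = Packet("in", PC, ("203.0.113.9", 443))
ODD_PORT = Packet("out", PC, ("203.0.113.9", 6667))

def run_demo() -> dict:
    home = Perimeter()                              # NAT only, outbound open
    upnp = Perimeter(forwards={3389})               # same, plus a UPnP mapping
    strict = Perimeter(egress_ports={80, 443})      # port-based egress rules
    return {
        "nat_blocks_unsolicited": not home.allows(UNSOLICITED),
        "upnp_lets_it_in": upnp.allows(UNSOLICITED),
        "strict_allows_browsing": strict.allows(BROWSING),
        "strict_blocks_odd_port": not strict.allows(ODD_PORT),
        "strict_allows_https_callback": strict.allows(CALLBACK),
        "callback_reply_allowed": strict.allows(CALLBACK_REPLY),
    }

if __name__ == "__main__":
    for check, result in run_demo().items():
        print(f"{check}: {result}")
```

Every check comes out `True`: the port-based egress rule stops the odd-port connection but treats the HTTPS callback exactly like ordinary browsing, and its reply is then accepted as an established flow.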