Expanding egress traffic visibility

Expanding on egress traffic visibility, Tailscale now offers Enterprise customers the ability to monitor destination addresses for traffic exiting the network via an exit node, thereby enhancing forensic analysis during security incidents. Previously, destination logging was redacted to prevent misuse, as exit nodes are designed to secure internet traffic over untrustworthy connections, not for surveillance. However, understanding which external endpoints a compromised device accessed can aid in assessing the incident's severity and tracing attack vectors. This feature, compliant with frameworks like MITRE’s ATT&CK, helps in identifying lateral movements and external threats. Enterprise users can activate exit node destination logging through the Tailscale admin console, providing crucial insights while maintaining the network's security integrity.