Geo-IP Filtering

Follow

Comments

4 comments

  • Avatar
    Todd Haehn

    It would be better to block by region (North America, Europe, Asia, etc.) rather than by country.  Even better is block everything except a region so only allow North America for instance.

    0
    Comment actions Permalink
  • Avatar
    Melvin Tu

    @Todd

     

    This is an interesting request. Do you want to use it for business or personal?

     

    Block by region may generate too many ACLs in the box. Maybe Gold can do that.

     

    Block everything except a region is a good idea, we are working on white list feature, which will have better performance than black list feature in your scenario.

     

    Melvin

    0
    Comment actions Permalink
  • Avatar
    Todd Haehn

    I am a home user.  I had the RDP port open and was getting warnings constantly from all over the world.  Block everything except a white list would have solved the issue because I only want to access the RDP from one IP address.

    0
    Comment actions Permalink
  • Avatar
    Melvin Tu

    Make sense.

     

    For now, the workaround I can suggest is changing the port from default 3389 to higher port, such as 34589, which will significantly reduce the number of alarms. Because the scanners usually only scan well-known ports.

    0
    Comment actions Permalink

Please sign in to leave a comment.

Powered by Zendesk