Geo-IP Filtering

Follow

Comments

6 comments

  • Avatar
    Todd Haehn

    It would be better to block by region (North America, Europe, Asia, etc.) rather than by country.  Even better is block everything except a region so only allow North America for instance.

    1
    Comment actions Permalink
  • Avatar
    Support Team

    @Todd

     

    This is an interesting request. Do you want to use it for business or personal?

     

    Block by region may generate too many ACLs in the box. Maybe Gold can do that.

     

    Block everything except a region is a good idea, we are working on white list feature, which will have better performance than black list feature in your scenario.

     

    Melvin

    0
    Comment actions Permalink
  • Avatar
    Todd Haehn

    I am a home user.  I had the RDP port open and was getting warnings constantly from all over the world.  Block everything except a white list would have solved the issue because I only want to access the RDP from one IP address.

    0
    Comment actions Permalink
  • Avatar
    Support Team

    Make sense.

     

    For now, the workaround I can suggest is changing the port from default 3389 to higher port, such as 34589, which will significantly reduce the number of alarms. Because the scanners usually only scan well-known ports.

    0
    Comment actions Permalink
  • Avatar
    Christoph Binder

    Hi, can I piggyback on this request. I recently installed a blue firewalla on a small business network and its working well so far but I do think it would make sense to have a whitelist by region, it would use less memory on the device than maintaining a massive list of county specific IP addresses that need to be updated and blocked, and would allow for better protection because in my case this is a small business doing work in the US only. They have no foreign clients or tech needs. I know a attackers could just use a US endpoint vpn or run an attack from a compromised machine in the US, but those would be easier to monitor than attacks from anyone in the world.   

    0
    Comment actions Permalink
  • Avatar
    Support Team

    @Christoph

     

    The white list feature will be supported in the next release.

     

    Melvin

    0
    Comment actions Permalink

Please sign in to leave a comment.