[ATP/FLEX] How to block IP traffic by Geo IP on Nebula
Zyxel_James
Posts: 356
Zyxel Employee
Zyxel Employee
Nebula Control Center supports Geo IP that allows you to block internet traffic coming in from a specific region or country that is usually very suspicious/well-known to be the origin of malicious attacks. On the contrary, you can also only allow internet traffic coming in from your country.
Configure Steps
Go to Firewall > Configure > Security policy, create a new rule
- Input a name for the security rule
- Select Deny as Action
- Select the suspicious/malicious country as Source
- Select Any as Destination.
After the Geo IP security rule is configured, requests from that country to your device or your internal networks will be blocked. You can enable the log button to monitor the denied actions.
To look up the Geo IP database version, please connect to ssh and input “show geo-ip database version"
To look up the country of the IP address, please connect to ssh and input “show geo-ip geography address x.x.x.x”
Tagged:
0
Categories
- 8.5K All Categories
- 1.6K Nebula
- 71 Nebula Ideas
- 57 Nebula Status and Incidents
- 4.5K Security
- 226 Security Ideas
- 983 Switch
- 46 Switch Ideas
- 878 WirelessLAN
- 22 WLAN Ideas
- 5.1K Consumer Product
- 157 Service & License
- 280 News and Release
- 59 Security Advisories
- 13 Education Center
- 580 FAQ
- 263 Nebula FAQ
- 160 Security FAQ
- 76 Switch FAQ
- 74 WirelessLAN FAQ
- 7 Consumer Product FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 69 About Community
- 46 Security Highlight