[ATP/FLEX] How to block IP traffic by Geo IP on Nebula
Options
Zyxel_James
Posts: 788 
Guru Member
Guru Member
Nebula Control Center supports Geo IP that allows you to block internet traffic coming in from a specific region or country that is usually very suspicious/well-known to be the origin of malicious attacks. On the contrary, you can also only allow internet traffic coming in from your country.
Configure Steps
Go to Configure > Firewall > Security policy, create a new rule
- Input a name for the security rule
- Select Deny as Action
- Select the suspicious/malicious country as Source
- Select Any as Destination.
After the Geo IP security rule is configured, requests from that country to your device or your internal networks will be blocked. You can enable the log button to monitor the denied actions.
To look up the Geo IP database version, please connect to ssh and input “show geo-ip database version"
To look up the country of the IP address, please connect to ssh and input “show geo-ip geography address x.x.x.x”
Tagged:
0
Categories
- All Categories
- 439 Beta Program
- 2.8K Nebula
- 200 Nebula Ideas
- 126 Nebula Status and Incidents
- 6.3K Security
- 497 USG FLEX H Series
- 323 Security Ideas
- 1.6K Switch
- 83 Switch Ideas
- 1.3K Wireless
- 49 Wireless Ideas
- 6.8K Consumer Product
- 286 Service & License
- 457 News and Release
- 89 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.3K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 96 Security Highlight