Solutions

How-To Articles

How to configure Country Based Traffic Blocking

06-05-2021 11:23:22 0 0

Overview:

There are certain countries that are known to be the source of many network-based attacks. In order to prevent your network from such country networks, you can block incoming traffic from those countries. Some companies have a requirement where they do not want any data going to a particular country, in that case, you can block all outgoing traffic to that country's networks.

UTM contains the database of the networks and their respective countries which is used to make the decision. This country to IP database is updated on a monthly basis.

Applicable Versions: UTMv2.3 and above

Configuration Steps: How to configured Country Based Traffic Blocking

Note: This is a global configuration and will be applied to all the traffic going through the UTM

1.Navigate to Security > Country Based Traffic Blocking

2.Toggle and enable the Country Based Traffic Blocking status button.

3.In the country list, toggle the corresponding status button for a country from which you want to block the traffic from and to your local network.

4.Click the Edit button icon beside the status button to configure whether you want to alert or alert and drop the traffic from the designated country

- If you select Alert, you will only be alerted on the dashboard if any traffic is sent to or comes from on the dashboard.

- If you configure the Alert and Drop option, all packets to and from that network will be dropped and alerts displayed on a dashboard.

5.Select the traffic type, whether Incoming, Outgoing, or both.

6.Click Save.

Configuration Steps: How to Create exclusions for certain countries.

You may need to exclude certain networks from certain countries from which you may have blocked network traffic. You can add these networks to your network definition list and add that definition to the exclusion list.

1. Navigate to Security > Country Based Traffic Blocking.

2. In the Exclusions area, click the + icon to create a new exclusion rule.

3. Enter a name for the rule.

4. Select the direction of the traffic that you want to block, whether incoming or outgoing or both.

5. Select the network that you want to exclude from the Definition types available or create a new definition type using the + (Add) icon.

6. Click Save. The exclusion is saved and applied

Diagnostics: In order to find out which particular country an IP belongs to, you can navigate to Support -> Diagnostics. Enter the IP address and click “Get Country Name”.



Please contact Seqrite Technical Support for more assistance

Vote

Was this article helpful?
0 out of 0 found this helpful