Creating Geo IP Policies
To access this page, click Configure>Shared Objects>Geo IP.
You can create Geo IP policies from the Geo IP policies page.
Before You Begin
- You must have a Sky ATP account to receive Geo IP feeds.
Make sure you configure the necessary steps for Sky ATP before creating
a Geo IP policy.
- Geo IP filtering is a useful tool when you are experiencing
certain types of attacks, such as DDOS from specific geographical
locations.
- If you are using Sky ATP without Policy Enforcer, you
must select your Geo IP policy as the source and/or destination of
a firewall rule to apply it.
Procedure
To create a Geo IP policy:
- Select Configure>Shared Objects>Geo IP.
- Click the + icon.
- Complete the configuration by using the guidelines in Table 185 below.
- Click OK.
Table 205: Fields on the Geo IP Policy Page
Name | Enter a unique string that must begin with an alphanumeric
character and can include underscores; no spaces allowed; 63-character
maximum. |
Description | Enter a description; maximum length is 1024 characters.
You should make this description as useful as possible for all administrators. |
Countries | Select the check box beside the countries in the Available
list and click the > icon to move them to the Selected
list. The countries in the Selected list will be included in the policy
and action will be taken according to their threat level. |
Block Traffic | Choose what traffic to block from the selected countries.
Incoming traffic, Outgoing traffic, or Incoming and Outgoing traffic.
(Policy Enforcer only) |
Log Setting | Choose to log all traffic or only blocked traffic. (Policy
Enforcer only) |
Procedure
Once you have a Geo IP policy, you assign it to one more
groups (Policy Enforcer only):
- In the Group column, click the Assign to Groups link that appears here when there are no groups assigned or click
the group name that appears in this column to edit the existing list
of assigned groups.
- In the Assign to Groups page, select the check box beside
a group in the Available list and click the > icon to move
it to the Selected list. The groups in the Selected list will be assigned
to the policy.
- Click OK.
- Once one or more groups have been assigned, a Ready
to Update link appears in the Status column. You must update
to apply your new or edited policy configuration. Clicking the Ready
to Update link takes you the Threat Policy Analysis page. See Threat Policy Analysis Overview. From
there you can view your changes and choose to Update now, Update later,
or Save them in draft form without updating.
- If you are using Sky ATP without Policy Enforcer, you
must select your Geo IP policy as the source and/or destination of
a firewall rule. Navigate to Configure > Firewall
Policy > Policies.
Related Documentation
Help us to improve. Rate this article.
Feedback Received. Thank You!