Security Services : Security Services > Geo-IP Filter

Security Services > Geo-IP Filter
The Geo-IP Filter feature allows you to block connections to or from a geographic location. The Dell/SonicWALL network security appliance uses IP address to determine to the location of the connection.
Topics:
Configuring Geo-IP Filtering
To configure Geo-IP Filtering, perform the following steps:
1
Navigate to Security Services > Geo-IP Filter page.
 
2
To block connections to and from specific countries, select the Block connections to/from countries listed in the table below option. If this option is enabled, all connections to/from the selected list of countries will be blocked. You can specify an exclusion list to exclude this behavior for selected IPs, as described below in <Blue XRef>8.
3
All Connections: All connections to and from the firewall are filtered. This option is enabled by default.
Firewall Rule-Based Connections: Only connections that match an access rule configured on the firewall are filtered for blocking.
4
If you want to block all connections to public IPs when the Geo-IP database is not downloaded, select the Block all connections to public IPs if GeoIP DB is not downloaded option.
5
6
Under Countries, in the Blocked Country table, select the countries to be blocked. Clicking the checkbox at the top of the table selects all countries, and then you can select countries to be excluded from blocking by deselecting them.
7
If you want to block any countries that are not listed, select the Block ALL UNKNOWN countries option. All connections to unknown public IPs will be blocked.
8
Select an address object or address group from the Geo-IP Exclusion Object drop-down menu or create.
Create a new address object or address group by selecting Create new address object… or Create new address group… from the Geo-IP Exclusion Object drop-down menu.
The Geo-IP Exclusion Object is a network address object group that specifies a group or a range of IP addresses to be excluded from the Geo-IP filter blocking. All IP addresses in the address object or group will be allowed, even if they are from a blocked country.
For example, if all IP addresses coming from Country A are set to be blocked and an IP address from Country A is detected, but it is in the Geo-IP Exclusion Object list, then traffic to and from this IP address will be allowed to pass.
For this feature to work correctly, the country database must be downloaded to the appliance. The Status indicator at the top right of the page turns yellow if this download fails. Green status indicates that the database has been successfully downloaded. Click the Status button to display more information.
For the country database to be downloaded, the appliance must be able to resolve the address, geodnsd.global.sonicwall.com.
When a user attempts to access a web page that is from a blocked country, a block page is displayed on the user’s web browser.
9
Click the Accept button at the top of the page to enable your changes.