The Geo-IP Filter feature allows administrators to block connections to or from a geographic
location based. The SonicWALL appliance uses IP address to determine to the location of the connection.
To configure Geo-IP Filtering, perform the following steps:
1.
|
Enable
Block connections to/from following countries
to block all connections to and from specific countries.
|
|
–
|
All
: All connections to and from the specified countries are blocked.
|
|
–
|
Firewall Rule-Based
: Only connections that match an access rule configured on the appliance will be blocked.
|
3.
|
Select
Enable logging
to log Geo-IP Filter-related events.
|
For this feature to work correctly, the country database must be downloaded to the appliance.
The Status
indicator at the top right of the page turns yellow if this download fails. Green status indicates that the database has been successfully downloaded. Click the Status
button to display more information.
In order for the country database to be downloaded, the appliance must be able to resolve the
address, "geodnsd.global.sonicwall.com".
When a user attempt to access a web page that is from a blocked country, a block page is
displayed on the user’s web browser.
The Botnet Filtering feature allows administrators to block connections to or from Botnet
command and control servers.
To configure Botnet filtering, perform the following steps:
1.
|
Enable
Block connections to/from Botnet Command and Control Servers
to block all servers that are designated as Botnet servers. Use the exclusion list below to exclude approved IP addresses.
|
|
–
|
All
: All connections to and from the specified countries are blocked.
|
|
–
|
Firewall Rule-Based
: Only connections that match an access rule configured on the appliance will be blocked.
|
3.
|
Select
Enable logging
to log Botnet Filter-related events.
|
The Botnet Filter also provides the ability to look up IP addresses to determine the domain
name, DNS server, the country of origin, and whether or not it is classified as a Botnet server. To do so, perform the following steps:
Details on the IP address are displayed below the
Result
heading.