03-16-2022 04:55 AM
Hello everyone.
I want traffic only from my own region. I want to block all other regions. How to do this process in a simple and short way?
03-16-2022 05:59 AM
Hi @Fagani ,
We have option in Palo Alto to configure security policy based on source and/or destination region / countries / Geo-Location where you can define action (allow/deny) against same based on your requirement. If you want to allow traffic from one specific region & block rest, then you can have two policies where one will allow traffic from one region and other policy you will have to configure below allowed one. This second policy will block traffic from unwanted region.
Below Palo Alto provided articles may help you with the configuration part. Also there is very good blog on this shared by @kiwi . Please check this to go through it. This will also help you.
03-17-2022 11:56 PM
Thank you very much.
I will have one more question. Which requires more resources DROP or DENY?
03-18-2022 07:39 AM
We do it in a Geo Location Deny rule (just what we have called it) and use the negate option to deny all traffic that isn't in the regions added from the outside to inside. We also use regions on inside to outside traffic although you have to be careful as many of the content providers now have datacenters in various countries. We are using Deny.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
