Country Block and security policy ordering

cancel
Showing results for 
Search instead for 
Did you mean: 

Country Block and security policy ordering

L1 Bithead

We are currently setting up policies to block all traffic to\from all countries except a select few. The rules are in place and seem to be  working well. As a best practice, do you create a deny rule for all other out of country or do you just let the interzone-default rule catch the rest? If you do create a rule, is it best practice to keep defining your rules until both the interzone-default & intrazone-default rules don't get hit?

1 REPLY 1

L1 Bithead

Hi RussMc,

 

Its good to have a deny rule so that you can block malicious IP traffic from all allowed countries.

Else such accepted traffic may hit on one of the rule above default rules.(i mean example: any traffic from to DMZ/public facing servers)

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!