Blocking Traffic by Country on Production Networks

by Timothy M. Mullen
Sept. 15, 2017 2 comments Symantec firewall

When I originally posted to Bugtraq regarding the use of country-by-country sets to control traffic to or from any particular country, I knew that it was not a new idea. However, applying the concept for use with Microsoft's ISA Server was at least a new application for it, and apparently has had some utility for people based on the thousands of downloads that have been made of the free sets from the Hammer of God Web site. As promised in that post, here is some more detailed information on the use of country-by-country data sets in firewall configurations, where it may be appropriate, and methods by which one may use the sets to create traffic reports. While the methods listed and tools available are created specifically for ISA, the concept can be applied to any product that supports the necessary data elements.

https://www.symantec.com/connect/articles/blocking-traffic-country-production-networks

Avatar
2flash 2 months, 2 weeks ago

I really find it a valuable solution and appreciate the way you've structured this presentation! Thanks for the share!

Reply
Avatar
Steven Ulm 2 months, 4 weeks ago

Traffic country blocks might bring more disadvantages than advantages on long-term. I wouldn't recommend it as a solution...

Reply