Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.
Solved
sonicwall
Posted on 2010-08-31
We have a Sonicwall 4060. We get a lot of threats from outside the US, yet we don't do any business outside the US.
Is it possible to tell the Sonicwall to simply DENY ALL REQUESTS/ALL TRAFFIC from IP addresses with an origination outside the US?
thanks
Is it possible to tell the Sonicwall to simply DENY ALL REQUESTS/ALL TRAFFIC from IP addresses with an origination outside the US?
thanks
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
3
2
- +1
7 Comments
It seems not to be possible and even if it were i would be VERY much advising any clients of mine against it, you can never be 100% sure of the exact location of IP addresses (subnetting, especially for the larger IP allocations). At best it would need some form of RIPE lookup on a per packet basis which would be very intensive for a heavy traffic site. Aside from the potential for error and thus blocking wanted traffic the admin overhead would be intense.
I've had a quick look on some tech sheets incase im missing any new developments and from what i can see it isnt something that you can do on that device.
I've had a quick look on some tech sheets incase im missing any new developments and from what i can see it isnt something that you can do on that device.
What woolnoir said. You would be creating a LOT of headaches if you tried to do this.
The firewall is blocking all uninvited traffic by default. Are you trying to also block connections to "foreign" IPs even if they originate from requests from your network (i.e. your user clicks on a .uk url)?
The firewall is blocking all uninvited traffic by default. Are you trying to also block connections to "foreign" IPs even if they originate from requests from your network (i.e. your user clicks on a .uk url)?
Yes. We have ZERO need for anything outside the US at this time. I appreciate your comments. It's really just something I was thinking about, wondering if possible because I just see so many intrusion attempts, all originating outside the US.
You may be able to report on it, but with most firewalls even thats not possible. Just image that each connection attempt is potentially 100's maybe even more packets and for the report to be consistent a geo-ip lookup needs to happen on every ip - its a big undertaking.
Our proxy server (a bluecoat) offers the same feature set for web access... based on URL inspection, and the reporting engine of that dies when we ask for Geo-ip lookups - imagine that x 10000.
Our proxy server (a bluecoat) offers the same feature set for web access... based on URL inspection, and the reporting engine of that dies when we ask for Geo-ip lookups - imagine that x 10000.
It would be nice if there were a quick way to do it, i dont imagine RIPE would be too pleased either with the multiple order of magnitude increase on the number of IP queries they get... i'd see some evil humour in that one.
I understand what you're getting at but the Internet is so "global" now (like everything else) that some of the content from a US-based site could be linked from just about anywhere in the world. I would say disregard, firewall is operating as intended.
there is a feature called Geo-IP Filtering. ( https://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=8963&formaction=catalert ) .
its possible with the new firmware 5.8.1.x ( for example the tz 210 or nsa 240, nsa 2400 ...) has it . Unfortunatly not the pro 4060.
its possible with the new firmware 5.8.1.x ( for example the tz 210 or nsa 240, nsa 2400 ...) has it . Unfortunatly not the pro 4060.
Featured Post
We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
- IT Administration
- Hardware Firewalls
- Cybersecurity
- Network Management
- Network Security
- WatchGuard, Security
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail. The methods are covered in more detail in o…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses
Course of the Month9 days, 16 hours left to enroll
609 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.