Geographic filters detect and manage traffic based on a computer’s IP address/hostname
within a geographic region or country. These filters enable you to perform actions
based on the countries that you allow or deny in a filter. An IP address can be tied
to real-world geographic regions or countries, and identifying a client’s geographic
location may provide clues about the user’s intentions. The SMS supports real-time
geolocation analysis through the integration of the free MaxMind GeoLite City binary
database.
 |
NoteIf you have a paid MaxMind subscription, you can import the database file.
Learn more.
|
A Geographic filter is similar to a Reputation filter in that it associates an action
set, and when the profile containing the Geographic filter is distributed to a device,
the specified actions are applied to traffic that matches the included and excluded
countries.
Creating a Geographic filter consists of two steps. In the first step, you define
the general settings: the name for the filter, the state, the locked status, and the
action set that specifies whether to allow or deny traffic based on the geographic
region. In the second step, you search for, select, and evaluate the country criteria
as an
inclusion or
exclusion. Once you distribute the filter, you will can view events and generate reports based
on this filter.
|
NoteA country can only be assigned to one Geographic filter at a time. For example, if
you create a filter and allow Japan, you cannot search for and select Japan in a different
Geographic filter until you remove it from the first filter.
|
 |
ImportantServices that attempt to hide their geographic origin through proxies,
VPNs, or other obfuscating services cannot be geographically identified by MaxMind.
Other services might have IP addresses that belong to an AnyCast network, which
masks
where their endpoints reside. The SMS might display these locations as
unknown. In order to maintain your restrictive geographic policies,
you can respond with one of the following strategies:
|