| Description | With Network Security geolocation filtering, you can block IP addresses based on Geo IP from reaching your Network Security virtual appliance. Geolocation filtering can also be used to mitigate attacks like Distributed Denial of Service (DDoS). |
| Rule ID | NS-GEO-001 |
| Risk level | Low (generally tolerable level of risk) |
| Rule description | Ensure that geolocation filtering is enabled, with a country blocklist, to allow or restrict access to your VPC for users in specific locations. This can help you with the following compliance standards: General Data Protection Regulation (GDPR). This rule can help you form your AWS Well-Architected Framework for seamless integration of AWS, Network Security, and Trend Micro Cloud One - Conformity. |
Audit geolocation filtering
To determine if geolocation filtering is enabled, perform the following actions:
- From the Network Security management interface, click the Policy icon in the left navigation bar.
- Select Geolocation Filtering:
  - If the Filter State is Enabled, then geolocation filtering is enabled for the listed countries/regions.
  - If the Configure Geolocation Filtering button is visible, follow the steps below to enable geolocation filtering.
Enable geolocation filtering
To enable geolocation filtering, perform the following actions:
- From the Network Security management interface, click the Policy icon in the left navigation bar.
- Select Geolocation Filtering.
- Click Configure Geolocation Filtering.
- From the left panel of listed countries and regions, select the ones whose traffic you want to block, and click Add.
- After completing changes to geolocation filtering, distribute the policy to the virtual appliances on the appliances page.