This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Shivajith_S
Contributor
‎2018-08-15 01:55 AM

Hi Experts ,Any one can guide

May I know how to block IPS based for Countries to block outside access to Particular segment .

My scope is I need to block for VPN segment ,for example lets say my user are in UK ,I need to block access from china ,In IPS based ...how  to apply this ..  

0 Kudos
3 Replies
Gomboragchaa
Advisor
‎2018-08-15 03:30 AM

Hello,

You mean talking about the Geo Policy?

If you use Geo Policy, you can block connection from any specific Country.

0 Kudos
Gomboragchaa
Advisor
‎2018-08-16 06:09 PM
In response to Shivajith_S

To create a new Geo Policy:

  1. In R80 SmartConsole, go to the Security Policies page.
  2. In the Shared Policies section, click Geo Policy.
  3. From the drop-down Edited Policy menu, select New.
  4. In the Object Name window that opens, enter a name for the new Geo Policy.
  5. Click OK.
  6. Select an Activation Mode:
    • Active - Policy is enabled
    • Monitory Only - Traffic that matches the policy is allowed and logged
    • Inactive - Policy is disabled
  7. In Policy for specific countries section, click the plus sign.

    The Geo Policy - Add new rule window opens.

  8. Configure the Rule Settings:
    • Country - Select or search for a country on the list
    • Action - Select Accept to allow the traffic or Drop to reject it
    • Direction - From and To Country for bidirectional traffic, or To Country or From Country for traffic only in a specific direction
    • Track - Select to Log, send Alerts, send Mail, send SNMP Traps, or to send one of possible three custom User Alerts (you can also choose to not do any tracking)
    • Comment - optional comment
  9. Set the default Action and Track option for the Policy for other countries.
  10. Optional - Select Aggregate logs by country.
  11. Publish the Session to save the configuration changes.

Firewall Pre-R80 Security Gateways with R80 Security Management 

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events
    li.common.scroll-to.top