Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
IldarSultanov
Explorer

simple blocking many IP

Hello.

What is the best way to block over 4000 IP: use fw sam, sim dropcg or adding object throw cli and creating blocking rules?

Which method will affect perfomance to gateway more then other? 

0 Kudos
1 Reply
Sorin_Gogean
Advisor

Hey,

 

So, we were using SAM block in the past on IP's detected by SmartEvent rules.

Problem we faced is that the 600K limit of SAM rule was filling pretty quick. So in order to be able to block those IP's, I'm looking for a solution where we add IP's to an Generic DataCenter Object (sk167210), and use that in a FWL block rule.

Hopefully will work for you too.

 

Thank you,

0 Kudos