Manage Security Services > Geolocation > Configure Geolocation

Configure Geolocation

The Geolocation subscription service uses a database of IP addresses and countries to identify the geographic location of connections through the Firebox.

To use Geolocation, the Firebox must use Fireware v11.12 or higher and must have a feature key that enables the RED subscription service. For more information, see:

When you enable Geolocation or change the countries to block, the Firebox blocks new incoming and outgoing connections to or from sites located in the countries you choose to block. The Geolocation settings apply only to new connections. If you block connections to a country, the Firebox does not drop existing connections to that country.

If your internal network or FireCluster configuration uses IP addresses outside the reserved private IP address ranges defined in RFC 1918, RFC 5737, or RFC 3330, look up the geolocation of the IP addresses you use before you block a country. To look up the geolocation of an IP address, from Fireware Web UI select Dashboard > Geolocation > Lookup. For more information, see Geolocation Dashboard.

Before you configure Geolocation to block a particular region, make sure to evaluate the geographic location of sites that users and servers on your network must connect to. A site that is located in one country may include content that is hosted elsewhere.

Edit Geolocation Settings

In the Geolocation settings you can select the countries to block, and configure exceptions for sites you never want to block.

To select the countries to block, in Fireware Web UI or Policy Manager:

  1. Select Subscription Services > Geolocation.
  2. Select the Enable Geolocation check box.
  3. Select countries to block on a map or from a list, as described in the subsequent section.
  4. If there are sites you want to allow in the blocked countries, configure exceptions as described in the subsequent section.
  5. Save the configuration.

Select Countries to Block on a Map

On the Map tab, the currently blocked countries are shown in red. You can unlock the map to change the countries to block on the map.

Select Countries to Block from a List

On the Country List tab, you can see the list of all countries, listed by continent. You can select individual countries and you can select all countries on a continent all at once.

Give Us Feedback     Get Support     All Product Documentation     Technical Search