Enable Geolocation in a Policy

When you enable the Geolocation subscription service, Geolocation is enabled automatically for all policies. In Fireware v12.3 or higher, when you enable the Geolocation service, all policies are configured to use the default Global Geolocation action automatically.

If you want more control over the types of connections the Firebox denies based on geographic location, you can enable or disable Geolocation for a specific policy in the policy settings. In Fireware v12.3 or higher, you can also change the Geolocation action used by a policy.

In Fireware v12.8 or higher, you can choose whether inbound traffic that Geolocation denies receives a deny page. When you disable the Geolocation deny page for a policy, denied inbound traffic does not receive a deny page, so attackers cannot use that page to confirm the presence of a Firebox in your network. The deny page applies to HTTP and HTTPS traffic on ports 80 and 443.

The Geolocation subscription service must be enabled before you can enable or disable Geolocation for a policy.

For firewall policies that are configured to deny all traffic, enable Geolocation for the policy if you want to see in log messages whether the Firebox blocked the traffic based on the geographic location of the connection source or destination. For more information, go to Monitor Geolocation Activity.

Related Topics

About Geolocation