Meraki

tantony · ‎Feb 22 2022

Anyone here blocking traffic to / from Russia on their Meraki especially with high risk of cyber attack from Russia?

Even if I block traffic from Russia with MX layer 7, what would happen if an actual hacker from Russia uses VPN to be in 'US'?

Is Meraki smart enough to 'unmask' the VPN from Russia pretending to be from US?

BrandonS · ‎Feb 22 2022

“Is Meraki smart enough to 'unmask' the VPN from Russia pretending to be from US?”. No.

Geoblocking is pretty basic and just blocks IP addresses well known to be assigned in Russia.

if you are honestly concerned about attacks from Russia you should probably have the FBI or DHS (assuming you are in the US) or some federal agencies involved. Otherwise, just carry on with current best practices for business network security.

- Ex community all-star (⌐⊙_⊙)

View solution in original post

BrandonS · ‎Feb 22 2022

“Is Meraki smart enough to 'unmask' the VPN from Russia pretending to be from US?”. No.

Geoblocking is pretty basic and just blocks IP addresses well known to be assigned in Russia.

if you are honestly concerned about attacks from Russia you should probably have the FBI or DHS (assuming you are in the US) or some federal agencies involved. Otherwise, just carry on with current best practices for business network security.

- Ex community all-star (⌐⊙_⊙)

CptnCrnch · ‎Feb 23 2022

If you're really catching attackers with Geo-blocking, they possibly wouldn't have made it past your perimeter nonetheless. With AWS, Azure, GCP etc. in place, Geo IP is not very much useful anymore from a defenders perspective.

tantony · ‎Feb 23 2022

Thanks, that's what I thought, but I guess better safe than sorry.

Meraki

Community

Blocking traffic to / from Russia?

Blocking traffic to / from Russia?

MX block intervlan traffic

Meraki Block Page Not Displaying for HTTPS Traffic

Block IP address for inbound \ outbound traffic

Geo-IP blocked traffic showing in Top sources of threats

Blocking WhatsApp Traffic Using MX84