I see in the new Security Center there is an option to block IP or block country. The block country option creates a Layer 7 rule for the corresponding country.
Does anybody use this?
It's tempting to block some countries I could never see us sending traffic to or from.
Different countries are assigned different blocks of IP numbers. I looked at a list of top hacker countries and blocked all of them that I thought we would never have any dealings with. It's a good idea to block bots and porn under content filtering lots of infections come in that way.
Be mindful that a long list of countries can cause TCP timeouts on your internet connections. It happened to me. It's great that Meraki has a very easy-to-use packet capture tool to troubleshoot the issue.
Sometimes our customer get frequent attacks from specific countries, which Geo-based Firewall rules can help in mitigating any risks while investigating who is the attackers and how to apply rules to block them.
With Meraki SD-WAN, what are the security features/ licenses the MX will be provided with. Is Meraki looking to have source fire, NGIPS and Meraki insights? Thank you.
@Chandra2 Meraki MX has 2 licenses, Enterprise and Advanced Security. All the SD-WAN features (Auto VPN, traffic shaping, Policy based routing, etc.) are a part of the Enterprise License. Meraki Insight is a separate product and requires its own license.
For more info on what's included with the 2 separate MX license, you can look here under "MX licensing options"
This is how we use it too. Is there a way to make an exception to this rule? For example if we block connections to/from China or Russia, can we allow access to certain websites or IP addresses in those countries?