I see in the new Security Center there is an option to block IP or block country. The block country option creates a Layer 7 rule for the corresponding country.
Does anybody use this?
It's tempting to block some countries I could never see us sending traffic to or from.
Different countries are assigned different blocks of IP numbers. I looked at a list of top hacker countries and blocked all of them that I thought we would never have any dealings with. It's a good idea to block bots and porn under content filtering lots of infections come in that way.
Be mindful that a long list of countries can cause TCP timeouts on your internet connections. It happened to me. It's great that Meraki has a very easy-to-use packet capture tool to troubleshoot the issue.
Sometimes our customer get frequent attacks from specific countries, which Geo-based Firewall rules can help in mitigating any risks while investigating who is the attackers and how to apply rules to block them.
Is there an easy way to block specific countries (specifically emails from China) if we do not have the advanced security license?
With Meraki SD-WAN, what are the security features/ licenses the MX will be provided with. Is Meraki looking to have source fire, NGIPS and Meraki insights? Thank you.
@Chandra2 Meraki MX has 2 licenses, Enterprise and Advanced Security. All the SD-WAN features (Auto VPN, traffic shaping, Policy based routing, etc.) are a part of the Enterprise License. Meraki Insight is a separate product and requires its own license.
For more info on what's included with the 2 separate MX license, you can look here under "MX licensing options"
This is how we use it too. Is there a way to make an exception to this rule? For example if we block connections to/from China or Russia, can we allow access to certain websites or IP addresses in those countries?