Block a Country with a Click: The overwhelming majority of Spam, Malware, and DDoS attacks come from countries outside the United States and from infected machines in global Botnets. Enterprises are working to reduce the attack space by blocking traffic from countries that offer no business value, and by using IP reputation lists to block connections from IP addresses that are tied to malicious activity.
The PoliWall in-line appliance works with existing routers and firewalls to stop threats at the perimeter. With a click on a map block inbound and outbound TCP traffic by country and by managed IP blocklists at line speeds. By cutting the noise at the perimeter, the workload on systems deeper inside the network is decreased, making routers, firewalls, and IPS/IDS systems more effective at stopping attacks.
- Block IP ranges by country with a click on a map
- Use pre-compiled threat lists to block IPs tied to known botnets and malware
- Throttle bandwidth by country or any IT resource to mitigate against DDoS attack
- Tie allow/deny rules to specific resource groups like a VPN or public web server
- Stop malware & trojans inside the network from communicating out to botnet controllers
- Get automatic updating of IP country ranges and block lists
Today’s Country Blocking Tools Overburden Resources
A common way to block IP traffic at the perimeter is to load large access control lists (ACLs) directly into the router or firewall. The constant manual monitoring and updating of the ACL’s costs money in labor, consumes processing power and creates network latency. PoliWall’s automatic updating of IP country ranges and block lists obviates the high labor costs associated with manually updating ACLs, makes blocking a country as simple as clicking on a geographic map, and keeps device configurations simple so your network is not forced to trade protection for performance.
Country Blocking at HIPPIE® Speed
High-performance environments found in the financial sector and online retail sites rely on low latency data transfer to protect data and win a competitive edge. PoliWall’s High-Speed IP Packet Inspection Engine (HIPPIE) filters stateful traffic to achieve near zero latency while maintaining high throughput and TCP connection rates for both inbound and outbound IPV4 and IPV6 traffic. (See Performance Testing with BreakingPoint.)
Control Over IP Filtering Policy
Apply allow/deny country blocking IP filtering policies individually to any IT resource group such as a VPN, Sharepoint, webmail, or public web server. An organization might decide to allow only US inbound & outbound traffic, block millions of IP addresses on block lists registered to IPs in the United States, allow a partner in China access to the public web server, and still give sales VPN access while traveling in the blocked country of Brazil.
In Your Network
The PoliWall is a transparent bridging appliance that is typically installed between the firewall and the border router. Since it is transparent, it can usually be installed with no configuration changes to existing network equipment.
Track. Measure. Report.
PoliWall’s reporting dashboard can give you real-time visualization of your network traffic. Learn what countries are on your network and those blocked by IP reputation lists so you can identify out-of-compliance traffic flows. Create policies and immediately see the impact of those policies by country of origin, IP reputation list, or application resource for inbound and outbound traffic. Financial institutions can also use these reports to show compliance with government regulations like OFAC.