Table of contents
Topics on this page
Geolocation Filtering
With Network Security geolocation filtering, you can block IP addresses based on Geo IP from reaching your Network Security virtual appliance. Geolocation filtering can also be used to mitigate attacks like Distributed Denial of Service (DDoS).
Rule ID: NS-GEO-001
Risk level: Risk level: Low (generally tolerable level of risk)
Ensure that geolocation filtering is enabled to blocklist countries to allow or restrict users in specific locations from accessing your VPC.
This can help you with the following compliance standards:
General Data Protection Regulation (GDPR)
This rule can help you form your AWS Well-Architected Framework for seamless integration of AWS, Network Security, and Cloud One - Conformity.

Audit geolocation filtering

To determine if geolocation filtering is enabled, perform the following actions:

  1. From the Network Security management interface, click the Policy icon in the left navigation bar.
  2. Select Geolocation Filtering:
    • If the Filter State is Enabled, then geolocation filtering is enabled for the listed countries/regions.
    • If the Configure Geolocation Filtering button is visible, follow the steps below to enable geolocation filtering.

Enable geolocation filtering

To enable geolocation filtering, perform the following actions:

  1. From the Network Security management interface, click the Policy icon in the left navigation bar.
  2. Select Geolocation Filtering.
  3. Click Configure Geolocation Filtering.
  4. From the left panel of listed countries and regions, select the ones whose traffic you want to block, and click Add.
  5. After completing changes to geolocation filtering, distribute the policy to the virtual appliances on the appliances page.