A location policy can permit, block, or implement traffic limiting for traffic of a country.
Prerequisites
The latest IP location database file has been loaded. For details, see Library Files.
NOTE: Context
Many attacks on the Internet are launched by attacks by controlling zombie hosts. These zombie hosts may be centrally located in a specific region. A location policy can block or implement traffic limiting by region, effectively prevents attacks from a specific region. In addition, a location policy can take the pass action on traffic from a trusted region.
Public IPv4 addresses have been divided by country in the IP location database file. If the IP location division granularities in the IP location database file cannot meet requirements, you can create user-defined IP locations. For details, see Creating User-defined IP Locations.
NOTE: After IP location function is enabled on the detecting device, no exception is reported, and traffic diversion is not triggered.
Procedure
- Choose .
- Click
of the Zone. - Choose Location Policy tab, click
and select the location and
action. By default, the action of a location policy is Block.
If the action is Traffic Limiting, you need to set the threshold for traffic limiting.
If there are many IP location entries, you can enter a location name in Name and click
for query. - Click OK.