Managing GeoGroups

If the Distributed Cloud Firewall (DCF) feature is disabled, GeoGroups are not available.

A GeoGroup is a grouping of countries or custom geographical locations. The Groups > GeoGroups tab displays a Countries list and a Custom list. The Countries list is populated from the MaxMind GeoIP® database, and the Custom list displays a list of custom GeoGroups that you create (groups of countries or geographical areas).

You cannot have a GeoGroup as both a source and a destination in a DCF rule.

If the same public CIDR is present in a VPC/VNet and in a Custom GeoGroup, and the DCF rule containing this Custom GeoGroup is blocking traffic, the inter-VPC/VNet traffic that uses this public CIDR may get blocked as well.

Countries

The Groups > GeoGroups > Countries tab shows countries and their rule references.

Viewing Country Details

You can click a Country name to view its IPs/CIDRs and Rule References in the right-hand pane.

geogroup detail

Custom GeoGroups

The Groups > GeoGroups > Custom tab shows custom GeoGroups (groups of countries or geographical areas). If a Custom GeoGroup is selected in a DCF rule; that DCF rule is enforced and logged; and traffic is encountered against that rule, the Custom tab displays the number of rule references.

Custom GeoGroups used in rules cannot be deleted.

You can clone a Custom GeoGroup.

Viewing Custom GeoGroup Details

You can click a GeoGroup name in the Custom list to view its IPs/CIDRs and Rule References in the right-hand pane.

Related Topics