Hacking and cyber security are truly global problems. Spammers set up shop in co-locations, unregulated network space, and vulnerable systems around the world. They are continually in motion and almost impossible to track, but Geo-IP filtering can help address the problem. The following diagrams from customers who’ve implemented our Geo-IP filter illustrate the dramatic improvements gained by eliminating unwanted traffic to mail systems with our Geo-IP filter system. These diagrams show that Geo-IP filtering eliminated thousands of potential phishing, viruses, and malware email while restoring the bandwidth associated with them.
Geo-IP filters can reduce threats of any sort of cyber-attack, including Botnets, Zombie systems, malware infected web servers, or email viruses. Outbound geo-location filtering helps combat these types of breakouts by limiting their ability to operate freely around the world. In other words, Geo-IP filtering not only stops threats from penetrating your network, it also addresses the possibility that one of your employee’s laptops, cell phones, or other local device could carry a threat and transmit it to the internet via your network. Both in-bound and out-bound filtering are important benefits of Geo-IP filtering, and they can dramatically reduce your exposure to security risks and the costs and liabilities that go along with them.
It is important to remember that in a typical security system, a port opened through your firewall allows equal access to anyone in the world. Given the statistics on the volume of attacks that a computer network is likely to face, is that a wise or necessary gamble? Instead, a reasonable person might ask, how much business do we conduct in a certain nation? How many clients do we have in another? How likely is it that we should want to market our business in another? Additionally, one might reasonably decide to balance the results of those responses with the volume of cyber-attacks originating in any of those countries and provide access to your network according to the dictates of business interests, not on an arbitrary all-or-nothing basis. In fact, this sort of controlled and measured access to your network is exactly what Geo-IP filtering allows. Geo-IP filtering enables a security system to decide whether to allow access to your network’s service port for any nation in the world. Geo-IP Filtering also limits which geographical locations have access to specific ports and services, thereby alleviating pressure on those services and reducing their exposure.
When a Geo-IP filter is implemented correctly, you will find your security environment is less stressed and more secure. Eliminating the unwanted traffic to network ports provides a clearer view for your security environment to do its job more effectively.
LIMITATIONS OF EARLIER GEO-FILTERING SYSTEMS
Unfortunately, despite the obvious advantages of Geo-IP filtering, the technology has failed to achieve its potential because of limitations in most available firewalls and misunderstanding of the fundamental concepts underlying its usage. For example, many popular firewalls claim to have Geo-IP filtering. However, these firewalls generally offer either a geographical tool that is too rudimentary to be effective or too complex to be useful. The more simple tools resort to clumsy, broad-stroke methods that require entire nations to be excluded, costing a company potentially valuable markets or clientele. Other firewalls offer overly complex geographical systems that are unwieldy and difficult to implement. Companies who have attempted to use these features experienced numerous problems once enabled. Stoppages, delays and slow speeds for browsing, email, web services, and remote access from users abroad were among the most common problems cited.
With these types of serious limitations and problems with geographic screening tools, many users simply disabled the Geo-IP features and returned to their initial approach. Analysis of these problems showed that current geographic filters failed because the firewalls lacked the ability to filter on a more precise basis than just the location of the computer or network. The solution to this problem was to create the flexibility to filter geographical location and their ports, yet not restrict customer or vendor access. Fortunately, recent emergence of more sophisticated Geo-IP filtering has solved these problems and is therefore able to offer a new and important improvement to overall network security.