I have seen plenty of videos blocking inside users from reaching known bad countries like russia/china in the networks section of an access rule and Ive seen how the IPS signatures can detect malicious behavior or known bad networks and block traffic from outside to inside/dmz but what if I just want to blacklist a certain country or public network range in general from even using my precious processing power, should I just blacklist specific IP's or create thresholds that can autoban IP's when trying to do something in a short amount of time?
No comments:
Post a Comment