Dynamic Defense

Navigation: Policy > Geo-Filtering

To begin blocking or allowing access to content based on geolocation, navigate to the body of the Geo-Filtering Security Module shown above. 

Once here, search for the specific country in which you would like to block or allow access to. 

For each country you will be making two block or allow decisions for each country, one "Outbound" (Traffic coming from your network to the Country) and the second "Inbound" (Traffic Coming from the Country to your network).

Example:

Let's assume you would like traffic from your network to go to Afghanistan but would not like your network to receive traffic from Afghanistan.

You would do this simply by selecting the Green Check = Allow for Afghanistan under "Outbound" and the Red Minus = Block for Afghanistan Under "Inbound"

After these two block and allow decisions have been decided for each Country in your policy change, you can now proceed to Step 3.

If you are not sure which Countries you would like to block with Geo-Filtering, please consider the following:

AT&T Recommended Geo-Filtering Policy:

By default, AT&T Dynamic Defense recommends blocking access from high-risk countries known for hosting malicious activities and cyber threats. This proactive measure helps safeguard your systems and sensitive traffic by minimizing exposure to potential cyber attacks originating from those geographical locations.

By selecting to utilize the AT&T Recommended policy for Geo Filtering, traffic will be blocked to and from your network for the following countries:

• Belarus
• Congo DRC
• Ivory Coast
• Cuba
• Iraq
• North Korea
• Liberia
• Myanmar
• Syria
• Zimbabwe

The AT&T Recommended Policy can be turned on in the Dynamic Defense Portal's Geo Filtering page by clicking the down arrow on the right-hand side of the page.

Propagating configuration changes throughout the AT&T Dynamic Defense portal is a simple process.

Step 3a:

Making policy changes (e.g. adding, editing, or deleting policy rules) will be represented in a draft state shown on the right-hand side of the screen when the first policy edit is made. A draft will not be made active until you complete the remaining steps.

Step 3b:

When ready to apply your new policy, move your mouse over the "Draft" button and click "Apply Policy" to activate the draft state. Activating the changes effectively pushes the configuration changes to the network embedded security to be applied across your AT&T Dedicated Internet connection.

A prompt will appear asking if you are sure you want to continue. Here you can add any notes about the new policy and then select "Continue" to activate the policy.

Step 3c:

After applying the policy, the Draft state will then convert into a Pending state as the policy is pushed over the network to be updated within the AT&T Dynamic Defense Service.

Step 3d:

Once the policy is successfully updated within the AT&T Dynamic Defense Service the status will then be updated to an active state and a new notification will be populated to show success.