Question

While troubleshooting a ticket for a customer, you learn they are sending traffic into our network (i.e. web or VPN) while on TDY in a foreign country. You then discover they are being blocked based on the region they are coming from, by some explicit protection policies on our GW and JRSS firewalls. What kind of security policies are these?

Answer 1

The security policies causing the customer to be blocked are likely geolocation filtering or geo-blocking, which restrict access based on the user's IP address location.

The security policies in question are likely geolocation filtering or geo-blocking measures. These policies are set up on firewalls to restrict or allow traffic based on the originating country or region of an IP address. Organizations implement such policies to mitigate risks associated with traffic from parts of the world that may have higher instances of cyber threats, to comply with legal or licensing requirements, or to manage bandwidth. When legitimate users, such as the customer on TDY (temporary duty), encounter these blocks, they may require an exception within the security policy to gain access.