Recently there have been questions from our associates about blocking traffic from certain countries mostly driven by impact when they travel. While we use a scoring threshold using Cybersecurity Exposure Index (CEI) or National Cyber Security Index (NCSI) etc. some countries that score better should be on the list based on state sponsored activity or political turmoil. What criteria are you using for blocking traffic from countries via geo fencing? Are you documenting the criteria in a policy? Are you having challenges defending the countries on the list?
We've taken an opposite approach. Rather than blocking specific countries, we only allow countries in which we do business (US/Canada) and block everything else. We then allow specific services that communicate outside of ...read more
We use both in Azure. The reason we have Fortigate VM is that we have Fortigate physical appliances on-prem so it all tights together in their security fabric. Fortigate costs more especially if you add the UTM license so ...read more