Geofiltering

My organization is testing Geofiltering controls. I’m generally opposed to Geofiltering, but this is intriguing.

The easiest controls are the ones backed by policy. If your audit department has rules against international remote access, that’s mostly easy. Every modern firewall except for Cisco offers native Geofiltering.  Apply the rules and walk away.  The shortcoming is threat intelligence. If your remote access solutions (Cisco ASA VPN) can’t handle Geofiltering, you’re stuck. In an ideal world, I’d like to use dynamic access policies to block users after authentication.

User / Customer / Shareholder system controls are the interesting ones. You can’t block those people just because they travel overseas. Do you implement captcha technology, email notifications, etc?