Hi
Our info-sec team is asking that we block certain CIDR ranges that are known attack hosts, etc. What is the most efficient way to do that in the XG? Currently they are not going to be an automated list, but something that is manually updated. My initial thought was to create a new IP List object with all networks/hosts in a comma separated list, but I don't know what's going to be the most performant on the v17.5 XG code (not familiar with how it writes out iptable lists), running in Azure.
Currently this will probably only be a dozen or so networks to start, but I fear that once we start doing this they are going to throw the kitchen sink at it.
Thanks
Nate
This thread was automatically locked due to age.
