7. Access

Previous6.3 Vulnerability Scan Next8. DNS

Last updated 9 days ago

7. Access

📖 Overview

The Access module in ShieldsGuard allows administrators to control and restrict incoming traffic based on geolocation, Internet Service Providers (ISP), and ASN (Autonomous System Number). It functions as a policy engine to regulate who can reach your system based on where they come from and who provides their connection.

This module is essential for:

Blocking high-risk geographies
Allowing only selected ISPs
Reducing noise from unwanted regions or anonymous networks
Enforcing compliance and regional access policies

📌 Access Control Methods

Access rules in this module are divided into three powerful and independent filters:

🗺️ 7.1 Block Country Entry

Purpose: Block or allow access based on the visitor's country.

Functionality:

Select countries from a dropdown list.
Add them to your block list or allow list.
Traffic from blocked countries is denied immediately at the edge.

Use Cases:

Block regions associated with botnet traffic.
Enforce geopolitical or compliance boundaries.
Allow only specific country-level user bases (e.g., national infrastructure).

🌐 Geolocation is determined by IP — updated via public geo-IP databases.

🛰️ 7.2 Permission by ISP Provider Name

Purpose: Allow or block access based on the ISP name (e.g., Turk Telekom, Comcast, China Telecom).

Functionality:

Enter ISP names as they appear in resolved IP data.
Apply rule to allow only trusted networks or block known problematic ones.

Use Cases:

Restrict access to enterprise-level traffic from known commercial providers.
Block residential proxies or cloud ISP abuse sources.
Whitelist research institutions or infrastructure providers.

#️⃣ 7.3 Authorization by ISP Provider Number (ASN)

Purpose: Enforce access control at the Autonomous System Number (ASN) level — the unique identifier assigned to ISPs and large network blocks.

Functionality:

Search for and add ASN numbers to your allow or block list.
Highly precise — ensures targeting entire IP allocations tied to an organization.

Use Cases:

Block all traffic from anonymous VPN or hosting services (e.g., ASN: 15169 – Google Cloud, ASN: 8075 – Microsoft Azure)
Only allow traffic from ASN of government or telecom partners
Stop persistent attacks coming from a specific ASN

✅ ASN data provides more granularity than basic geolocation and helps isolate infrastructure-based threats.

🎛️ Configuration Summary

Access Filter

Granularity

Recommendation

Country

Broad

Use to restrict region-level access

ISP Name

Mid-level

Use for enterprise allowlists or proxy blocks

ASN Number

Fine-grained

Ideal for blocking entire provider networks

🧠 Best Practices

Combine filters for layered access logic: Block high-risk countries + disallow known VPN providers.
Use ASN blocking when IP rotation makes per-IP filtering ineffective.
Always allow trusted ISPs or infrastructure providers explicitly.
Monitor Access Logs to refine access rules over time.

🎯 The Access module is your traffic gatekeeper — allowing only the right users from the right networks, and blocking everyone else before they even touch your system.

Previous6.3 Vulnerability Scan Next8. DNS

Last updated 9 days ago

📖 Overview

This module is essential for:

Blocking high-risk geographies
Allowing only selected ISPs
Reducing noise from unwanted regions or anonymous networks
Enforcing compliance and regional access policies

📌 Access Control Methods

Access rules in this module are divided into three powerful and independent filters:

🗺️ 7.1 Block Country Entry

Purpose: Block or allow access based on the visitor's country.

Functionality:

Select countries from a dropdown list.
Add them to your block list or allow list.
Traffic from blocked countries is denied immediately at the edge.

Use Cases:

Block regions associated with botnet traffic.
Enforce geopolitical or compliance boundaries.
Allow only specific country-level user bases (e.g., national infrastructure).

🌐 Geolocation is determined by IP — updated via public geo-IP databases.

🛰️ 7.2 Permission by ISP Provider Name

Purpose: Allow or block access based on the ISP name (e.g., Turk Telekom, Comcast, China Telecom).

Functionality:

Enter ISP names as they appear in resolved IP data.
Apply rule to allow only trusted networks or block known problematic ones.

Use Cases:

Restrict access to enterprise-level traffic from known commercial providers.
Block residential proxies or cloud ISP abuse sources.
Whitelist research institutions or infrastructure providers.

#️⃣ 7.3 Authorization by ISP Provider Number (ASN)

Purpose: Enforce access control at the Autonomous System Number (ASN) level — the unique identifier assigned to ISPs and large network blocks.

Functionality:

Search for and add ASN numbers to your allow or block list.
Highly precise — ensures targeting entire IP allocations tied to an organization.

Use Cases:

Block all traffic from anonymous VPN or hosting services (e.g., ASN: 15169 – Google Cloud, ASN: 8075 – Microsoft Azure)
Only allow traffic from ASN of government or telecom partners
Stop persistent attacks coming from a specific ASN

✅ ASN data provides more granularity than basic geolocation and helps isolate infrastructure-based threats.

🎛️ Configuration Summary

Access Filter

Granularity

Recommendation

Country

Broad

Use to restrict region-level access

ISP Name

Mid-level

Use for enterprise allowlists or proxy blocks

ASN Number

Fine-grained

Ideal for blocking entire provider networks

🧠 Best Practices

Combine filters for layered access logic: Block high-risk countries + disallow known VPN providers.
Use ASN blocking when IP rotation makes per-IP filtering ineffective.
Always allow trusted ISPs or infrastructure providers explicitly.
Monitor Access Logs to refine access rules over time.

🎯 The Access module is your traffic gatekeeper — allowing only the right users from the right networks, and blocking everyone else before they even touch your system.