7. Access

📖 Overview

The Access module in ShieldsGuard allows administrators to control and restrict incoming traffic based on geolocation, Internet Service Providers (ISP), and ASN (Autonomous System Number). It functions as a policy engine to regulate who can reach your system based on where they come from and who provides their connection.

This module is essential for:

  • Blocking high-risk geographies

  • Allowing only selected ISPs

  • Reducing noise from unwanted regions or anonymous networks

  • Enforcing compliance and regional access policies


📌 Access Control Methods

Access rules in this module are divided into three powerful and independent filters:


πŸ—ΊοΈ 7.1 Block Country Entry

Purpose: Block or allow access based on the visitor's country.

Functionality:

  • Select countries from a dropdown list.

  • Add them to your block list or allow list.

  • Traffic from blocked countries is denied immediately at the edge.

Use Cases:

  • Block regions associated with botnet traffic.

  • Enforce geopolitical or compliance boundaries.

  • Allow only specific country-level user bases (e.g., national infrastructure).

🌐 Geolocation is determined by IP address and updated via public geo-IP databases.


πŸ›°οΈ 7.2 Permission by ISP Provider Name

Purpose: Allow or block access based on the ISP name (e.g., Turk Telekom, Comcast, China Telecom).

Functionality:

  • Enter ISP names as they appear in resolved IP data.

  • Apply a rule to allow only trusted networks or block known problematic ones.

Use Cases:

  • Restrict access to enterprise-level traffic from known commercial providers.

  • Block residential proxies or cloud ISP abuse sources.

  • Whitelist research institutions or infrastructure providers.


#️⃣ 7.3 Authorization by ISP Provider Number (ASN)

Purpose: Enforce access control at the Autonomous System Number (ASN) level, the unique identifier assigned to ISPs and large network blocks.

Functionality:

  • Search for and add ASNs to your allow or block list.

  • Highly precise: a rule targets the entire IP allocations tied to an organization.

Use Cases:

  • Block all traffic from anonymous VPN or hosting services (e.g., ASN: 15169 – Google Cloud, ASN: 8075 – Microsoft Azure)

  • Only allow traffic from the ASNs of government or telecom partners

  • Stop persistent attacks coming from a specific ASN

✅ ASN data provides more granularity than basic geolocation and helps isolate infrastructure-based threats.


πŸŽ›οΈ Configuration Summary

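| Access Filter | Granularity  | Recommendation                                |
|---------------|--------------|-----------------------------------------------|
| Country       | Broad        | Use to restrict region-level access           |
| ISP Name      | Mid-level    | Use for enterprise allowlists or proxy blocks |
| ASN Number    | Fine-grained | Ideal for blocking entire provider networks   |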


🧠 Best Practices

  • Combine filters for layered access logic: Block high-risk countries + disallow known VPN providers.

  • Use ASN blocking when IP rotation makes per-IP filtering ineffective.

  • Always allow trusted ISPs or infrastructure providers explicitly.

  • Monitor Access Logs to refine access rules over time.
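
An added example (not ShieldsGuard code) for the ASN and log-monitoring practices above: it aggregates constructed access-log records by ASN to surface networks whose sources rotate under a per-IP threshold, and never proposes explicitly trusted ASNs. The record format, thresholds and function names are assumptions; the ASNs and addresses are reserved documentation values.

```python
from collections import Counter, defaultdict

def make_sample():
    """Constructed (source_ip, asn) records, one per request; not real traffic."""
    records = []
    for i in range(40):   # AS64496: 40 rotating addresses, 2 requests each
        records += [(f"198.51.100.{i}", 64496)] * 2
    records += [("203.0.113.7", 64497)] * 30   # AS64497: one noisy client
    for i in range(3):    # AS64498: a few ordinary users
        records += [(f"192.0.2.{i}", 64498)] * 5
    for i in range(30):   # AS64499: busy partner network, explicitly trusted
        records += [(f"203.0.113.{100 + i}", 64499)] * 3
    return records

def per_ip_hits(records, ip_threshold=20):
    """Addresses a per-IP request threshold would catch on its own."""
    per_ip = Counter(ip for ip, _ in records)
    return sorted(ip for ip, n in per_ip.items() if n >= ip_threshold)

def asn_rule_candidates(records, trusted_asns=frozenset(), asn_threshold=50,
                        ip_threshold=20, min_ips=10):
    """ASNs with high total volume spread over many addresses that each stay
    under the per-IP threshold. Trusted ASNs are never proposed."""
    per_ip = Counter(ip for ip, _ in records)
    ips_by_asn = defaultdict(set)
    reqs_by_asn = Counter()
    for ip, asn in records:
        ips_by_asn[asn].add(ip)
        reqs_by_asn[asn] += 1
    candidates = []
    for asn, total in reqs_by_asn.items():
        if asn in trusted_asns:
            continue
        ips = ips_by_asn[asn]
        if (total >= asn_threshold and len(ips) >= min_ips
                and all(per_ip[ip] < ip_threshold for ip in ips)):
            candidates.append(asn)
    return sorted(candidates)

if __name__ == "__main__":
    logs = make_sample()
    print("per-IP threshold catches:", per_ip_hits(logs))
    print("ASN rule candidates:", asn_rule_candidates(logs, trusted_asns={64499}))
```

Candidates are a review list for an administrator, not an automatic block list: a large carrier or shared NAT pool can show the same many-addresses pattern.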


🎯 The Access module is your traffic gatekeeper, allowing only the right users from the right networks and blocking everyone else before they even touch your system.
