has any one an idea, if there is a way to restrict Policy Building process to a specific Geo location.
Explanation:
The webpage of our customer can and should be accessed globally, but the big majority of the valid requests is from withing the country. In opposed the majority of the requests from outside are scans and other unwanted requests.
The webpage should not be Geo restricted, but it would ease work and speed up learning, if we could limit the Policy Building to only listen to requests from a specific country.
Now I did not jet find a us full option to do so.
Basically what would be nice would be the same as you have for IP Address Exception list, just for Geo location instead of IPs.
In the Automatic Policy Builder settings (Advanced I think) you can set Trusted IP addresses / mask. A trusted IP needs to hit lower metrics before automatically building the security policy.
