Block Malicious IP address with Sonicwall TZ400
Hello all,
I receive an email every couple weeks from an agency who provides malicious URL/IP addresses to my agency. I have been adding these URLs and IPs to the content filter block list, but now I'm under the impression I need to block the addresses completely using a rule to block all connections between the URLs and IPs. I've researched online and found the solution,
- Firewall > Access Rules
- Click Add rule
- Action - Deny
- From - LAN
- To - WAN
- Destination > Create New Network
- Assign a Name for the IP/Site
- Zone Assignment - WAN
- Type - Host or network if you want to block the entire IP range
- Enter the IP of the site or network range
- Click OK and then click Add
But I'm wondering if there is a way to upload a text file or point to a file instead of creating a rule for every URL and IP. Is there a way to do this without manually adding every address or range?
Thanks!
Best Answer
-
MasterRoshi Moderator
That is one way to do it, you can also do a dynamic botnet list or make manual botnet entries.
2
Answers
Hello @Twizz728 try to have a look at this KB article about dynamic external objects/groups, maybe it helps you: https://www.sonicwall.com/support/knowledge-base/what-are-dynamic-external-objects-groups-and-how-can-we-configure-it/200507105852280/