Sinkhole mitigation by IP address, domain, or country

If you would like sinkhole protection to be applied to specific IP addresses, domains, and/or countries, use the MTD threat management console Network Sinkhole Settings to define them.

MTD Sinkhole Local Actions must be enabled to deploy the MTD threat management console sinkhole. See Enable sinkhole VPN mitigation for iOS devices. The MTD console Sinkhole feature is optional, and MTD sinkhole will continue to work in either case.

Before you begin 

Complete Enable sinkhole VPN mitigation for iOS devices

Procedure 

1. Log into MTD console.
2. Click the Manage tab.

3. Click Network Sinkhole Settings. The Network Sinkhole Settings page displays.

4. Choose whether the listed addresses should be allowed, or blocked.

   Figure 1. MTD threat management console Network sinkhole settings

   

   • Check Block network access except ALLOW the IP address ranges/Domains below - to allow the listed addresses.
   • Check Allow network access except BLOCK the IP address ranges/Domains below - to block the listed addresses.

5. Optional. Enter a valid IP address and associated IP mask in the IP Addresses field, and click the green plus icon to add the address to the Allowed/Blocked IP Addresses list.

6. Optional. Enter a valid domain address (for example, www.example.com), and click the green plus icon to add the address to the Allowed/Blocked Domains list.

   Figure 2. Allowed and blocked IP addresses and domains

   

7. Optional. Click the green plus icon for each country you want to add to the Allowed/Blocked Countries list.

   Figure 3. Allowed and blocked Countries list

   

8. Click Deploy to apply the sinkhole options to the listed entities.