GeoIP Location offers either a Allow List or a Deny List.
Note: it is not possible, nor is it needed, to have a GeoIP Allow List and Deny List at the same time. Such is never needed...just think about it...
The use of GeoIP for RDP connections is strongly recommended. Most hack-attempts from around the world as they do happen, are blocked when using the GeoIP Allow List, or when placing (many...most...) countries on the GeoIP Deny List.
The use of GeoIP for SSL connections is a "nice to have". Stopping connections based on GeoIP Location data is a bit quicker / less CPU intensive, then stopping a connection based on SSL negotiations.
Manage shows the details of the loaded GeoIP / Spamhaus Drop List database:
Because of redundancy, AADS uses either GeoIP location data from MaxMind or from IPInfoDB.
AADS uses GeoLite2 data created by MaxMind, available from MaxMind.
AADS uses IP2Location LITE data available from IPInfoDB.
It is important that the AADServer can check for Updates of the GeoIP location / Spamhaus Drop List, and Download the data.
Both the GeoIP data and the Spamhaus Drop List are updated roughly on a daily to weekly basis and is therefore "outdated" within a month. Using "outdated" data should be avoided because nowadays IPv4 networks are (re-)sold from country to country, implying that "outdated" data would allow connections from IP Addresses, or block connections from IP Addresses, because in the "outdated" GeoIP the IP Address belong to country "XYZ" while currently the IPv4 range is sold and used in country "ABC".
Suggestion: Enable and use Notifications. Whenever an Update is available or there is some problem with downloading the latest GeoIP location / Spamhaus Drop List data, a Notification (email) is send to the Administrator of the AADServer.
It is possible to search in the local GeoIP database:
© 2012-2023 AADS WorldWide. Terminal Server | Application Server | Remote Desktop solutions | Firewall |