Geolocation IPs and Juniper Advanced Threat Prevention Cloud
IP-based Geolocation (GeoIP) is a mapping of an IP address to the geographic location of an Internet connected to a computing device. Juniper Advanced Threat Prevention Cloud supports GeoIP, giving you the ability to filter traffic to and from specific geographies in the world.
Currently you configure GeoIP through CLI commands and not through the Web interface.
GeoIP uses a Dynamic Address Entry (DAE) infrastructure. A DAE is a group of IP addresses, not just a single IP prefix, that can be imported into Juniper Advanced Threat Prevention Cloud from external sources. These IP addresses are for specific domains or for entities that have a common attribute such as a particular undesired location that poses a threat. The administrator can then configure security policies to use the DAE within a security policy. When the DAE is updated, the changes automatically become part of the security policy. There is no need to update the policy manually.
The cloud feed URL is set up automatically for you when you run the op script to configure your SRX Series Firewall.
Currently, configuring GeoIP and security policies is done completely on the SRX Series Firewall using CLI commands.