Blacklist definition and implementation mechanism of the USG6000 series

The USG6000 series supports configuring the blacklist. The definition and mechanism of a blacklist are as follows:
The blacklist is a typical measure for security defense. The system discards all packets that match the blacklist. The blacklist is more efficient in filtering packets from or to specific IP addresses when compared with security policies.
The USG6000 series supports blacklisting users, source addresses, or destination addresses to form three types of blacklists.
-User blacklist
After a user is added to the blacklist, the device discards the packets from or to the user.
-Source IP address blacklist
After a source IP address is added to the blacklist, the device discards all packets from this IP address.
-Destination IP address blacklist
After a destination IP address is added to the blacklist, the device discards the packets destined for this IP address.

Scroll to top