Configure Ruleset with Ingress POP Country

All traffic is routed through a Point of Presence (POP), with each proxy directed through its respective POP. When selecting the country for Ingress POP, a list of available POPs in that country is displayed. This ensures that all traffic originating from a specific country exits via a dedicated IP address located within that same country. This criteria can be used when defining rules for building your policy. Selected traffic egressing from POPs in a specific country should have dedicated IPs within that country.

To configure the web gateway rule set with Ingress POP Country criteria: 

1. On the Secure Web Gateway Setup page, click Policy.

2. Go to Web Policy > Policy> Global Block > Global Block Lists.

3. To configure a new rule set, click New Ruleset > Library ruleset.

4. You can use the check box to select Global Block > Global Block Lists. Click Add.

5. Complete the following fields:
   

• Name — Specify the name of the ruleset to be created.
• Criteria — Select criteria to apply the ruleset and click OK. You can also view the logic used for the selected criteria. 
  • Ingress POP Country— Click Criteria, and a new window with the list of criteria appears. Search and select Ingress POP Country.
    
• Operator — Select is or is not as the Operator. For details, see List of Operators.
• Value— Click to specify the value based on the set criteria.
  • Click Select Value, and the Ingress POP Country pane appears.
    
  • Ingress POP Country pane displays a list of countries in the world. Use the check box to specific country to receive the traffic.
    
  •  Click Done.
    

6. Action — Specify the action to be performed when a rule is triggered. For details, see List of Actions.

7. On/Off — Select On to enable a rule and Off to disable a rule. Click  to view options such as Add New Condition and Delete.