IP Blocking Standard (SS-17-002)
SS-17-002 IP Blocking
Issue Date: 5/15/2017
Monitoring and controlling the flow of network traffic at the boundary of the state network provides the ability to protect it from malicious software, security attacks, external entities with malicious intent, denial of service attacks, and other security risks. This standard establishes criteria for blocking network traffic from IP addresses and IP address ranges at the boundary of the state network.
SCOPE and AUTHORITY
Information Technology Policies, Standards and Guidelines (PM-04-001)
The Georgia Technology Authority (GTA) will block IP addresses and IP address ranges that GTA determines are associated with malicious software, security attacks, external entities with malicious intent, denial of service attacks, and other security risks. The list of IP addresses being blocked varies over time and the GTA uses various sources of intelligence about those addresses, including:
Traffic analysis at the State of Georgia border firewalls
Georgia Information Sharing and Analysis Center(GISAC)
Multi-state Information Sharing & Analysis Center (MS-ISAC)
United States Computer Emergency Readiness Team (US-CERT)
RELATED ENTERPRISE POLICIES, STANDARDS AND GUIDELINES
Network Security Controls (PS-08-027).
Network Security - Boundary Protection (SS-08-047)
Malicious Code Incident Prevention (SS-08-033)