IP Geolocation Service
FortiGuard IP Geolocation database is used by Fortinet devices for configurations with geography-based policy address objects. This service allows Fortinet devices to query the cloud-based FortiGuard servers for location of public IP addresses. The IP Geolocation service provides high precision of IP geographic locations. In addition, FortiOS 6.4+ also supports firewall policy configuration based on IP registration locations.
Version Updates
IP Geolocation Database Update | 2.256 | 1 hour ago |
IP Geolocation Database for FortiOS 6.2+ Update | 3.256 | 1 hour ago |
Frequently Asked Questions
Anycast is a technology that consists of multiple different servers around the world with the same IP address. It typically routes the user's request to the closest available server, and multinational telecom providers often use it to reduce latency on global services.
Since anycast IPs have different physical locations for deployment, all of which are considered "correct" and none of them have priority, a single physical location is not very conclusive for the designated anycast IP in firewall policies. To address this, FortiOS provides an option to whitelist or blacklist all anycast IPs. This can be done by using the anycast flag setting in FortiOS. Additionally, the GeoDB shows the registration location of an IP as its default location if it's anycast. This feature enables users to configure firewall policies based on the generic GeoDB function.
Please refer to our TAC team or your local support engineer for assistance on the functions mentioned above.
IP address ranges are publicly registered on internet registries (RIRs). This registration information, also known as WHOIS information, includes the country where the owning entity is headquartered. This country is considered the registration location of an IP block. However, multinational internet service companies often allocate their IPs to data centers around the world. As a result, the physical location of an IP may not necessarily match the registration information.
Our IP-Geolocation database by default displays and uses the physical location of an IP. Showing the actual geographic location of an IP is fundamental in various fields, including location-based services and malware detection. However, our database also includes the registration country data. FortiOS can be configured to use either the "physical location" or the "registration location" depending on your specific needs.
Please refer to our TAC team or your local support engineer for assistance on the functions mentioned above.