Configuring Geo Binding

This article describes the step-by-step method to configure Geo Binding on the ISA web console.

Geo Binding helps ISA administrators to restrict the ISA User Agent connection to specific countries, thus further securing remote access to corporate resources. Geo Binding can be configured per user and per user group. More than one country can be selected as the source of the User Agent connection. 

For the purpose of this article, the end-user device shown is a Windows PC.

1. Log into the ISA web console using administrator credentials 
   

2. Navigate to the USERS & GROUPS > Users page.
   

1. Click on the name of a user
   

1. Alternatively, click on the name of a user group on the User Groups page.
   

1. In the user window, click Edit
   

1. Alternatively, in the Group details window, click Edit.
   

1. Scroll down.
   

1. Turn on the Geo Binding toggle.
   

1. Click inside the Select countries box.
   

1. Select the countries you want to allow the user or the user group to connect from. 
   

1. Click Update to save the change.
   

Testing

In this test, we connect from a different country than the ones selected under Geo Binding.

1. On the  end-user device, start the ISA User Agent. 
   

1. Enter the username and password of the user (if Authentication Type is set to Password+Certs).
   

1. Click OK to submit the credentials.
   

1. An error message User Geo Location Mismatch is displayed.
   

Conclusion

Geo Binding adds one more layer of security to the ISA User Agent connection process by restricting users to connect from certain allowed countries. If a user attempts to connect from a country not configured under Geo Binding, the connection is refused.

• Related Articles

• Configuring Local Groups

  This user guide describes the various configuration options to manage user groups on the ISA web portal. The User Groups page on the ISA web portal allows administrators to create user groups and add users to them. User groups can be created locally ...

• Configuring Local Users

  This user guide describes the various configuration options to manage users on the ISA web portal. The Users page on the ISA web portal allows administrators to create and maintain a database of users that either connect remotely using the ISA User ...

• Configuring Two-Factor Authentication

  Two-Factor Authentication (TFA) adds one more layer of security to the ISA User Agent connection process, in addition to the username-password and certificate method of authentication. When TFA is enabled for a user or user group, the User Agent is ...

• Configuring Device Binding on the ISA Web Console Using Automatic Device Registration Details

  Device Registration occurs when Instasafe Secure Access (ISA) automatically captures certain device identification details when an ISA User Agent connects to the ISA Controller. The information captured during Device Registration are: MAC Address of ...

• Configuring Device Binding on the ISA Web Console Using Manual Device Registration Details (Windows Client)

  This article describes the process of configuring Device Binding using manual Device Registration for a Microsoft Windows PC. One method of Device Registration occurs when Instasafe Secure Access (ISA) automatically captures certain device ...