# Geo-Location-Based Access Control

1. [Home](https://www.agilicus.com/)
2. Geo-Location-Based Access Control

![Data Sovereignty: Agilicus ensures your data remains within defined geographical boundaries, as visualized by a world map highlighting regions with specific data regulations.](https://www.agilicus.com/www/cdb34cf1-world.svg)You Are Where?

---

## Geo-Location-Based Access Control

It is possible to allow/deny access to individual resources based on the country their inbound IP is coming from.

[CONTACT](/contact-us/)

## Geo-Location-Based Access Control

![](https://www.agilicus.com/www/d1008dbe-image-1024x734.png)    It i possible to allow/deny access to individual resources based on the country their inbound IP is coming from.

Note:As with all IP-based lookup schemes, a user coming via VPN can appear in an alternate location.

Geo-location is done at the granularity of country. Countries are identified by their [ISO-code](https://en.wikipedia.org/wiki/List_of_ISO_3166_country_codes) (a 2-letter code unique per country).

Rules have priorities. Lower numbers evaluate first. Rules with the same priority evaluate in parallel, taking the most restrictive answer.

Actions include:

- Allow
- Deny
- Log

An example configuration allowing (priority-0 evaluates first) traffic from Canada, US, and denies (priority-1, NOT Canada, US) the remainder is shown below.

[![](https://www.agilicus.com/www/9e92fdd0-image-1024x306.png)](https://www.agilicus.com/www/9e92fdd0-image.png)---