Does anyone know of a way to easily block foreign subnets? i.e. I only want our firewall to answer to US based subnets. Our logs show that most attacks are coming from foreign sources. Ideally, I'd like to have them broken down by country, and I've found databases online for sale. Are there any reliable free subnet/country databases available? And, what are your thoughts on something like this?
On that note, does anyone know of a firewall with this feature built in? Or would the blocking firewall still be susceptible to attacks?