Certain countries deliver no legitimate services to normal daily Internet activity, but are known as being an origination point of cyber-attacks.
In an open network, connections to these countries will occur regularly; secure networks, however, should limit accessibility to IP-addresses from questionable locations. Browsing less popular websites, international NTP-pools (time servers) and P2P software will trigger an alert for this category. In maximum security networks, connections to IP-addresses from this category require attention.
The countries triggering a Geofence alert are :