Would it make sense to add geo filtering to a firewall?
Say I have published HTTP and VPN services to the outside world. Anyone on the plannet can consume HTTP but I have a strick "No Russians" policy for VPN connections.
It seems like this could work for many small and medium businesses but I wonder if a firewall can look up the IP's geographic information fast enough.
Interesting idea - you might start a bounty and see if anyone else latches onto this.