---
title: Configuring a geovelocity anomaly rule (web policy)
description: PingID analyzes location data and allows you to specify an authentication rule when the travel time between a user's current sign on location and their previous sign on location is not possible in the time frame that has elapsed since the previous sign on. The location and resulting reputation classification are based on the user's accessing device.
component: pingid
page_id: pingid:pingid_service_management:pid_configuring_geovelocity_anomaly_rule
canonical_url: http://docs.pingidentity.com/pingid/pingid_service_management/pid_configuring_geovelocity_anomaly_rule.html
revdate: June 6, 2024
section_ids:
  about-this-task: About this task
  steps: Steps
  result: Result:
  choose-from: Choose from:
  next-steps: Next steps
---

# Configuring a geovelocity anomaly rule (web policy)

PingID analyzes location data and allows you to specify an authentication rule when the travel time between a user's current sign on location and their previous sign on location is not possible in the time frame that has elapsed since the previous sign on. The location and resulting reputation classification are based on the user's accessing device.

## About this task

**Video (YouTube)**

\<https\://www\.youtube.com/embed/0yOYaClclLk?rel=0>

For example, if a user signs on from New York, USA at 12:00 p.m. and then attempts to sign on from London, UK two hours later, a geovelocity anomaly is detected and a rule action, such as **Deny**, is applied.

You can create a whitelist of IP addresses that you want this rule to ignore.

## Steps

1. From within the relevant policy, click**[icon: plus, set=fa] Add Rule** and from the list, select **Geovelocity Anomaly**.

   ### Result:

   The **Geovelocity Anomaly** rule wizard opens.

   ![A screen capture of the Geovelocity Anomaly rule wizard.](_images/gpz1565076580321.png)

2. From the **Action** list, select the authentication action that you want to apply in the event of a geovelocity anomaly.

   ### Choose from:

   * **Deny** (default): Deny access.

   * **Authenticate**: Allow the user to authenticate using any of the authentication methods allowed at the policy level.

   * **Allowed Methods**: Click **Allowed Methods** to reveal a list of authentication methods allowed by this policy, and then select the check box of each authentication method that you want to allow for this rule. See [Rule authentication actions](pid_rule_auth_actions.html) for description per authentication type.

3. in the **Whitelist** field, specify one or more IP address ranges that you want the rule to ignore.

   |   |                                                                                                          |
   | - | -------------------------------------------------------------------------------------------------------- |
   |   | Enter each IP address range in the format `XX.XX.XX.XX/XX`. Separate each IP address range with a comma. |

4. Click **Save**.

5. In the **Policy** list, click and drag the new policy and place it in the order in which you want it to be considered. Click **Save Order**.

## Next steps

To ensure the policy is applied to your organization, go to **PingID → Configuration** and ensure **Enforce Policy** is set to **Enabled**.