How do you achieve this?

Last Updated on September 26, 2021 by Admin 3

You find a suspicious connection from a problematic host. You decide that you want to block everything from that whole network, not just the problematic host. You want to block this for an hour while you investigate further, but you do not want to add any rules to the Rule Base. How do you achieve this?

  • Use dbedit to script the addition of a rule directly into the Rule Bases_5_0.fws configuration file.
  • Select Block intruder from the Tools menu in SmartView Tracker.
  • Create a Suspicious Activity Rule in Smart Monitor.
  • Add a temporary rule using SmartDashboard and select hide rule.
0 0 votes
Article Rating
Notify of
Inline Feedbacks
View all comments