Results 1 to 2 of 2
  1. #1
    Untangle Ninja dwasserman's Avatar
    Join Date
    Jun 2008
    Location
    Argentina
    Posts
    4,348

    Default Threat Prevention block legitimate traffic

    Why if an IP address is marked as suspicious, is it blocked as high risk?

    threat1.png

    threat2.png
    The world is divided into 10 kinds of people, who know binary and those not

  2. #2
    Master Untangler
    Join Date
    Apr 2010
    Posts
    109

    Default

    We are seeing the same. Lot's of traffic blocked as high risk, even though it's either in the suspicious category or does not have a verdict. To me it seems, that if an IP does not have a verdict in Brightcloud it is blocked in Untangle as High Risk.

    What is needed is to have a geolocation option in Threat Prevention rules. Then we could bypass local country traffic without having to either completely bypass protection for specific addresses or manually whitelist IP-s.
    dwasserman likes this.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2