Results 1 to 2 of 2
  1. #1
    Untangle Ninja dwasserman's Avatar
    Join Date
    Jun 2008

    Default Threat Prevention block legitimate traffic

    Why if an IP address is marked as suspicious, is it blocked as high risk?


    The world is divided into 10 kinds of people, who know binary and those not

  2. #2
    Master Untangler
    Join Date
    Apr 2010


    We are seeing the same. Lot's of traffic blocked as high risk, even though it's either in the suspicious category or does not have a verdict. To me it seems, that if an IP does not have a verdict in Brightcloud it is blocked in Untangle as High Risk.

    What is needed is to have a geolocation option in Threat Prevention rules. Then we could bypass local country traffic without having to either completely bypass protection for specific addresses or manually whitelist IP-s.
    dwasserman likes this.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

SEO by vBSEO 3.6.0 PL2