Operational Defect Database
BugZero found this defect 443 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
WatchGuard Technologies | kA16S000000BcZmSAK
Firebox IP address presented for the Block IP action in ThreatSync incidents detected on incoming connections
Last update date:
3/27/2024
Affected products:
ThreatSync
Affected releases:
All
ThreatSync
WatchGuard Cloud
Fixed releases:
All
Description:
Issue
ThreatSync incidents might recommend that you block the Firebox primary external IP address or secondary IP when threats are detected on incoming connections from an external source.
Workaround/Solution
No workaround exists at this time.If you configured the Firebox to scan incoming connections with IPS, Gateway AntiVirus, or APT Blocker, do not create ThreatSync automation policies with the Block Threat Origin IP action. The Firebox has protection to prevent it from blocking its own IP address. However, because IP addresses blocked by ThreatSync actions are blocked on all eligible Fireboxes, blocking the IP address of a Firebox might result in a loss of BOVPN connectivity or other connections.
