Has anyone ran across an issue where a system continues to receive blocks on the firewall, when there are already rules to permit the activity?
For example, the user has a firewall policy with a CAG in it. Within the CAG is an allow all. The criteria of the CAG was met, by being within a certain IP range. The traffic is typical IP traffic for 389, 445, etc. This system was recently upgraded to HIPS 8. The product was also removed (with the HIPS ripper tool), then reinstalled fresh and still continues to display this behavior.
Message was edited by: greatscott on 12/19/13 7:31:46 AM CST