Hide this message
Welcome to the NEW Success Center. Search all resources (documentation, videos, training, knowledge base articles) or browse resources by product. If you are unable to find what you are looking for, please contact us at firstname.lastname@example.org
Use the Block IP active response to block an IP address at your firewall using your LEM appliance. This action is useful for blocking port scanners and can be automated in a LEM rule or executed manually from the Respond menu in the LEM Console.
You can use the Block IP active response with the following firewalls/modules.
Configure the Active Response connector for one of the firewalls listed above on your LEM appliance.
To configure the Active Response connector for your firewall:
The Block IP active response creates a rule on your firewall to block the IP addresses you specify. To allow an IP address through your firewall, delete or modify the rule on your firewall as appropriate.