Hide this message
Looking to compare latest NPM features with previous versions of NPM?
The NPM new feature summary offers a comparison of new features and improvements offered with this release.
Use the Block IP active response to block a port scanner or block an IP address at your firewall using your LEM manager. You can automate this response in a LEM rule or execute the response manually from the Respond menu in the LEM console.
You can use the Block IP active response with the following firewalls and modules.
Complete the Connector Configuration form according to your firewall's specifications.
Below is the form for the Cisco PIx Active Response connector.
Most active response connector forms require your firewall address and credentials. However, some connectors require additional information. For assistance, see the SolarWinds Success Center or contact Customer Support for assistance.
The Block IP active response creates a rule on your firewall to block the IP addresses you specify. To allow an IP address through your firewall, delete or modify the rule on your firewall as appropriate.
Identify the data types to trigger your new rule.
For research, you can search nDepth or view the incoming data received in the Monitor view grid.