Opened session remains after threat triggered block-ip. WTF!
Hi, I've been testing the block-ip action in spyware DNS signatures. I was an RDP session before the threat triggered the block-ip action. Then, no more connections are allowed (what is OK), but the RDP session remains open. Is this a normal behaviour? I think the FW should reset all the sessions previosly established for the blocked IP, shouldn...




