After upgrade to 9.1.5, i noticed the Severity level high and medium threat actions are allowed and some of them are getting sinkhole. Please let us know if anyone knows why it's getting alert instead of the block in high severity. Attached screenshots
URL's are HTTP traffic, so they don't get sinkholed. URL's are subject to URL Filtering.
Sinkhole is applied to domains, which is DNS traffic.
Please open a Support case so we can work with you and understand the question better.
We can come back to this post at the end of the case to share our findings with the community.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!