Hi, i get more and more frequent portscan alerts running for multiple hours. I would like to block them manually on an IP basis. I created a network group populated with bad IP addresses and implemented this as a blackhole route, but still having…

I turned on portscan notifications, and have been receiving hundreds of alerts. The strange thing is, lots of them are from internal IPs. Eg: A portscan was detected. Details about the event: Time.............: 2016-08-05 06:12:01 Source IP address…