Active response - The client will block traffic from IP address...
I'm little bit confused with policy settings.
In firewall policy -> protection and stealth, there is NOT enabled "Atuomatically block an attacker's IP address". On client is applied actual version of policies. But when I open website www.osecanka.cz, in security log appear:
[SID: 25887] Web Attack: Malicious Java Download Request 2 attack blocked. Traffic has been blocked for this application: \DEVICE\HARDDISKVOLUME2\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE
The client will block traffic from IP address "PROXY IP" for the next 600 seconds (from 30.10.2012 15:48:27 to 30.10.2012 15:58:27).
So, why is this happening ?