Unblocking a host

If you configure threat detection in prevention mode, and the system blocks a host that you know is not an attacker, you can manually unblock the host before host is automatically unblocked when the duration period expires.

To manually unblock the host, log into the device CLI where the host is blocked and enter the clear threat-detection portscan attacker command. For example:

> clear threat-detection portscan attacker 10.2.0.100 255.255.255.255 
1 tracker object deleted and 1 shun entry removed

Consider adding the host IP to the exclude list in the prevention configuration.