Remediation Settings

Access to an SRA appliance from aggressive IP addresses are denied directly when Geo IP & Botnet Filter is enabled. Remediation provides valid users an opportunity to process the access from the aggressive IP addresses.

For web access, user are redirected to the CAPTCHA page, as shown below. A countdown timer tells the time that remained for user to perform remediation. The user must finish remediation within limited time, otherwise user IP address is added to the block list and all access from the aggressive IP address is blocked for a period of time.

If remediation is successful within the Verification Time, the user is directed to corresponding page that was requested. A CAPTCHA session is then created to record the remediation status. During the Valid Duration, all access from the IP address is allowed. After the Valid Duration, the CAPTCHA session goes to expired status. If the user is still in login status, access is not interrupted, but after the user login session is expired the CAPTCHA session is deleted and remediation is required again.

To enable Remediation and configure the settings:

Click Remediation Settings.

Click the Enable Remediation checkbox.

In the Max allowed time for CAPTCHA entries (s) field, select the maximum amount of time (in seconds) that the user will have perform Remediation. The minimum/maximum range is 30-300 seconds, with default value for this field being 60 seconds.

In the Allowed/Blocked duration after CAPTCHA validation (m) filed, select the duration of time (in minutes) that the user is allowed/blocked after performing the CAPTCHA validation. The minimum value is 5 minutes and the maximum is 30, with the default value being 15 minutes.