Under the Global Correlation Reports I see Reputation Filtering 86.88% and Tranditional IPS Detection Techniques 13.12% and Global Correlation Inspection 0%. I am unable to see what the Reputation Filtering is blocking or denying, how do I see this in the reports? Also is the Traditional IPS Detection Techniques what the 6.X version was doing?
Right now there is not a method to see what was denied by the Reputation Filtering.
There is an enhancement request in the system to add data showing the addresses being denied by Reputation Filtering. This is being considered for a future version.
And yes the Traditional IPS Detection Techniques is what a version 6.x sensor would deny for the same traffic.