No, MARS does not mitigate automatically without administrator intervention.
MARS correlates all its data to determine the best device and command that can be used to mitigate an attack. It then presents you with the mitigation command it has determined will best stop the attack. There is also a single-click option to deploy the command to the mitigation device, for instance a router, switch, firewall, IPS or ISR router.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...