About the block response

The block response is a default response that blocks attacks by dropping packets and sending resets to TCP connections.

The Block response for an appliance differs depending on the operation mode:
In this mode The appliance does this action
Passive Monitoring Sends resets to block only TCP connections.
Note: You can disable resets using tuning parameters, disabling the block response in security events, or by changing X-Force blocking to Never.
Inline Simulation Monitors network traffic and generates alerts but does not block the offending traffic
Inline Protection Blocks attacks by dropping packets and sending resets to TCP connections
The appliance mode is set when the appliance is installed. For information about changing your appliance mode, see Configuring security interfaces.