I did a show threat-detection statistics top host on my firewall. Attachesd is a screenshot, as you can see at the top. My top threat is 188.8.131.52 could be in reverse, not sure. It is pointing over to some japenese site. We currently have no business over there.
As you can see it is pointing back to an internal IP of one of our upper level managements PC's. This is a personal laptop. What would be the best way to stop this connection? Would it be to just ban the public IP on the OUTSIDE/INSIDE interface. I am pretty new at Cisco.
Thanks for your help.