A single user logged on to day and has received an SEP message "A client will block traffic from IP address 192.168.x.x for the next 600 seconds (from 11/5/2014 11:30:15PM to 11/5/2014 11:40:15 PM) Port Scan attack is logged."
He tells me that he has received the same message twice more this morning, but nothing further
The IP address is from our own intranet server.
Are there some best known troubleshooting steps to resolve this issue (if it is an issue). Thanks.