Is there a way to override a manual shun with an object group (or otherwise)?
I have found that we can override an "automatic shun" using:
threat-detection scanning-threat shun except object-group no-shun
But, we are needing a way to override a priviledged user typing in:
shun <ip>
Won't get too deep into the unlying reasons for needing this... but, let's just say it's a way to keep legit IP addresses from getting blocked when they are mistaken for malicious IPs.
Any ideas?