ISDB address objects encapsulate a range of IP addresses, allowing network administrators to apply security rules and filters to traffic originating from or destined for these addresses. Address objects can represent single IPs, IP ranges, or entire subnets. Controlling these address objects provides a powerful tool for enforcing security policies.

To disable specific IP addresses or IP ranges within ISDB address objects, follow these steps:

1. Navigate to the section where ISDB address objects are managed. Identify the specific ISDB address object that contains the IP addresses or ranges to disable.

2. Once the address object has been selected, a list of address entries will be presented. This list contains the individual IP addresses or IP ranges that are encompassed by the address object. To disable a specific entry, 'right-click' on it. Select the 'Disable' option. This action will mark the selected IP address or IP range as inactive, effectively preventing traffic associated with these addresses from being allowed through.

After disabling the desired IP addresses or ranges, remember to save the changes. This step ensures that the modifications are applied and take effect in the network's security policies.

If there is a suspicious IP and want to verify if it is a part of any ISDB address object, use the 'IP Address Lookup' on GUI as shown below and enter the IP. Then, hit 'enter' with the keyboard as there might not be any button on the GUI and it will show the related information.

Note: There is a known issue 853352 in which the admin user cannot scroll down to the end of the View/Edit Entries if there are over 100K entries in the slide-out window of the Policy & Objects > Internet Service Database page. This issue is expected to be fixed in v7.6.4/v8.0.0.

As a workaround, an admin can create an allow policy for that IP address and place the policy above the deny policy with ISDB object.