Limitations and Precautions for HiSec Insight Interworking

All models except USG6510E/6510E-POE/6530E support the HiSec Insight interworking.

The HiSec Insight Interworking is not controlled by the license.

Virtual systems do not support the configuration of interworking with the HiSec Insight.
The HiSec Insight interworking function does not support IPv6.

Interworking between the FW and HiSec Insight requires the northbound RESTCONF interface. Otherwise, the HiSec Insight cannot deliver blocking commands to the FW.
Interworking between the FW and HiSec Insight requires the blacklist function. Otherwise, the FW cannot block traffic that matches malicious sessions.
In the hot standby scenario, for interworking between the FWs and HiSec Insight, the IP addresses and API KEYs of the active and standby FWs must be added to the interworking device whitelist on the HiSec Insight. Otherwise, the FWs have inconsistent capabilities of blocking malicious traffic because the FW blacklist entries do not support backup between the FWs.
If there are insufficient dynamic blacklist entries, the FW fails to generate the HiSec Insight interworking blacklist.