When Gateway Firewall detects malware within an IPv6 network flow, the resulting detection is not processed by Network Detection and Response. As a result, the detections will not be visible in the Threat Detection and Response UI.

NAPP 4.2.x

When an IPv6 flow is processed on the Gateway Firewall results in a malware detection, the IPv6 information of the flow where the file was detected is not properly sent to Network Detection and Response. As a result, Network Detection and Response components cannot process the detection, and will discard it.

There is no workaround for this issue in NDR in NAPP 4.2.x ; you can however see this detection in the MPS detections page. This will be fixed in a future release.