SFA blocks the blacklist hosts as we remove the netmask associated with the host IP address.
SFA 2.7 installers for AIX 6.1 and AIX 7.1 are revised to address the issue.
Troubleshooting SFA issues:
SFA is installed with Windows default Administrator account or UNIX root account
SFA is installed on supported Operating System (https://support.ca.com/phpdocs/7/9526/9526-PAM-platformsupportmatrix.pdf)
Communication between target host and SFA on target host over port 8550 (default port for SFA) and 443 are not blocked
Ensure that SFA daemon is running (/etc/rc.d/init.d/gksfd start)
Check the gksfd.log (/var/tmp/gksfd.log)
Associate the socket filter to the user-device policy
On UNIX and Linux targets, SFA only filters non-root users. Ensure that you login to the target UNIX host with non-root user to test the access control according to the filter list and the non-root user is not specified with SECURE_USER in gksfd.cfg file