Firewall is blocking some legitimate traffic to our API servers

I've been watching the firewall events for our domain, and some traffic that I think is legitimate (based on the user agent) is being blocked. The traffic in question is from China, which may explain it. Is the best option to simply lower the security level with a configuration rule? It's already on Low.