Setting up a list of excluded computers
| Article:HOWTO27084 | | | Created: 2010-01-08 | | | Updated: 2010-01-15 | | | Article URL http://www.symantec.com/docs/HOWTO27084 |
Setting up a list of excluded computers
The Symantec Endpoint Protection client may define some normal Internet activities as attacks. For example, some Internet service providers scan the ports of the computer to ensure that you are within their service agreements. Or, you may have some computers in your internal network that you want to set up for testing purposes.
You can set up a list of computers for which the client does not match attack signatures or check for port scans or denial-of-service attacks. The client allows all inbound traffic and outbound traffic from these hosts, regardless of the firewall rules and settings or IPS signatures.
Note:
You can also set up a list of computers that allows all inbound traffic and outbound traffic unless an IPS signature detects an attack. In this case, you create a firewall rule that allows all hosts.
To set up a list of excluded computers
In the console, open an Intrusion Prevention Policy.
See Editing a policy.
If not checked already, check Enable excluded hosts and then click Excluded Hosts.
In the Host dialog box, in the drop-down list, select one of the following host types:
Enter the appropriate information that is associated with the host type you selected.
Repeat 4 and 7 to add additional devices and computers to the list of excluded computers.
To edit or delete any of the excluded hosts, select a row, and then click Edit or Delete.
|
|
Legacy ID
349442
Article URL http://www.symantec.com/docs/HOWTO27084
Terms of use for this information are found in Legal Notices
Thank you.