Setting up a list of excluded computers
|Article:HOWTO55407|||||Created: 2011-06-29|||||Updated: 2011-12-16|||||Article URL http://www.symantec.com/docs/HOWTO55407|
You can set up a list of computers for which the client does not match attack signatures or check for port scans or denial-of-service attacks. The client allows all inbound traffic and outbound traffic from these hosts, regardless of the firewall rules and settings or IPS signatures.
You might want to set up a list of computers to exclude from intrusion prevention. Computers might run some legitimate software that intrusion prevention detects as a threat. For example, you might run a vulnerability scanner in your network. Intrusion prevention blocks the vulnerability scanner when it runs. You can exclude the IP address of the vulnerability scanner from intrusion prevention detection.
You might also exclude computers to allow an Internet service provider to scan the ports in your network to ensure compliance with their service agreements. Or, you might have some computers in your internal network that you want to set up for testing purposes.
To set up a list of excluded computers
Article URL http://www.symantec.com/docs/HOWTO55407