Endpoint Protection Small Business Edition

 View Only

  • 1.  How to exclude IP from Network Threat Protection?

    Posted Dec 05, 2014 05:08 AM

    Hi all.

    I've read lots of forums, but it still not working.

    How i can create exclude for specific IP address in Network Threat Protection in SEP (controlled by SEPM 12.1)?

    In SEPM i've created top allow rule for IP (ex., 1.2.3.4) in Policies - Firewall.

    In Policies - Intrusion Prevention checked "Enable excluded hosts" and added 1.2.3.4 for a default intrusion prevention policy.

    But nothing of this is working!

    What's the trick?



  • 2.  RE: How to exclude IP from Network Threat Protection?

    Posted Dec 05, 2014 05:19 AM

    Have you see below articles ?

    Setting up a list of excluded computers

    Article:HOWTO81159  | Created: 2012-10-24  | Updated: 2014-09-21  | Article URL http://www.symantec.com/docs/HOWTO81159


  • 3.  RE: How to exclude IP from Network Threat Protection?

    Posted Dec 05, 2014 06:27 AM

    This is a longer thread but see if it applies to you as it may be a limitation:

    https://www-secure.symantec.com/connect/forums/sep-ips-blocking-outbound-traffic-vulnerability-scanner



  • 4.  RE: How to exclude IP from Network Threat Protection?

    Posted Dec 05, 2014 07:06 AM

    Yes, i'm doing this.

    Sorry, the client does not recieved updated policy when i'm tested it.

    After  "smc -updateconfig" all works properly.

    Thanks!



  • 5.  RE: How to exclude IP from Network Threat Protection?

    Posted Dec 05, 2014 08:03 AM

    Good to know it was policy related



  • 6.  RE: How to exclude IP from Network Threat Protection?

    Broadcom Employee
    Posted Dec 05, 2014 08:44 AM

    Hi,

    It seems policy was not inherited by SEP clients. In such cases as a workaround you can create a new group and move all the affected clients to that specific group. Assign policy to new group.