When an IP is added to the Excluded Hosts list in an Intrusion Protection Policy, what exactly are they excluded from...everything?
I ask since I have my Firewall policy set to block incoming traffic (tcp) on specific ports, and although this seems effective (client logs show the blocking occuring) I have a server that is part of my excluded list pass right thru with no blockage. Is this correct...in that any host added to the Excluded list bypasses everything?
Additionally, should my SEPM servers be part of this list?