Endpoint Protection

 View Only

  • 1.  whitelist scanner IP addresses in SEPM

    Posted Feb 12, 2015 04:10 AM

    Hi Guys,

    Our network/security team performing Vulnerability scans in our network via few scanner devices. But Symantec endpoint blocking our traffic for 600 sec.

    Now network team wants to whitelist these scanner IPs in Symantec, can you please help me to how to whitelist our scanner IPs in SEPM 12.1 RU5?

    Regards,

    Sanjeev



  • 2.  RE: whitelist scanner IP addresses in SEPM

    Posted Feb 12, 2015 01:30 PM

    Duplicate thread

    https://www-secure.symantec.com/connect/forums/how-whitelist-vulnerability-scanner-ip-addresses-sepm

    The solution is to create firewall rule to allow the vuln scanners



  • 3.  RE: whitelist scanner IP addresses in SEPM

    Posted Feb 12, 2015 01:30 PM

    IPS is blocking it, you need to create an exclusion for it

    You need to setup as an excluded host

    IPS policy >> Settings >> Excluded Hosts



  • 4.  RE: whitelist scanner IP addresses in SEPM

    Broadcom Employee
    Posted Feb 12, 2015 01:59 PM

    Hi,

    Thank you for posting in Symantec community.

    I would be glad to answer your query.

    You can configure the unmanaged detector to ignore certain devices, such as printers, scanners.

    In the Add Unmanaged Detector Exception dialog box, click one of the following options:

    •Exclude detection of an IP address range, and then enter the IP address range for several devices.

    •Exclude detection of a MAC address, and then enter the device's MAC address.

    Refer this article: Configuring a client to detect unmanaged devices

    http://www.symantec.com/docs/HOWTO80763 



  • 5.  RE: whitelist scanner IP addresses in SEPM

    Broadcom Employee
    Posted Feb 23, 2015 05:12 AM

    Is there any update?

    OR

    If issue has been resolved could you mark this thread as a solved with the best answer that helps you :)