Endpoint Protection

 View Only

  • 1.  IPS exclusion policy not working properly

    Posted Mar 02, 2017 11:57 AM

    Hi,

    We have a IPS exclusion policy(internal Vm machine IP's) applied for the entire org. Somehow, only for few machines(MAC), its still detecting as attack even though these machines are in excluded host's. 

    I pulled the attack logs and however the machine was not there. But, the user sent a screenshot and its very clear that symantec blocked our internal VM IP since its considered as threat(port scan). 

    I am just confused why in the attack logs i couldnt see it. This is MAC machine's. The problem is, the user is in remote place and he cannot share his machine(MAC) since we use windows 7. Is there a way where we can check from SEP manager console itself. 

     

    Note: The IPS exclusion policy is verified and its applied to entire Org.

     

     



  • 2.  RE: IPS exclusion policy not working properly

    Posted Mar 20, 2017 04:50 PM

    Do you have the exclusion setup by IP address, IP range or subnet? These are the only ones supported by Mac clients.



  • 3.  RE: IPS exclusion policy not working properly

    Posted Mar 21, 2017 06:03 AM

    Hi,

     

    I have created based on IP address only.