Hi ,
As the post below does not explicitely says how not to stop the attack after getting detected by SEP , In my case I just want to get the logs in not to stop them by IPS module, Is it possible to do on client end?
https://support.symantec.com/us/en/article.tech104434.html
As a second link https://support.symantec.com/us/en/article.TECH162264.html I would need to screen out the IP what I understood from post that IU need to create exception policy in SEP and then attached to target machine?
I am more intrested to unblock specific IPs to get identified by IPS functionality and should be only logged functionality as threat detected, would this be possible?
Regards
Dev