We have a vulnerability scanner (Nexpose) that does a scan of the network. I added the IP of the Nexpose server to the Excluded Hosts in the Intrusion Prevention policy. Mac users continue to receive a notification that the vulnerability is blocked. How do I get the SEP client to not block the scan from the excluded IP and to not show a notification?