Setting up a list of excluded computers

Excluded hosts are supported for network intrusion prevention only.
You can set up a list of computers for which the client does not match attack signatures or check for port scans or denial-of-service attacks. Network intrusion prevention and peer-to-peer authentication allow any source traffic from hosts in the excluded hosts list. However, network intrusion prevention and peer-to-peer authentication continue to evaluate any destination traffic to hosts in the list. The list applies to both inbound traffic and outbound traffic, but only to the source of the traffic. The list also applies only to remote IP addresses.
For example, you might exclude computers to allow an Internet service provider to scan the ports in your network to ensure compliance with their service agreements. Or, you might have some computers in your internal network that you want to set up for testing purposes.
You can also set up a list of computers that allows all inbound traffic and outbound traffic unless an IPS signature detects an attack. In this case, you create a firewall rule that allows all hosts.
To set up a list of excluded computers
  1. In the console, open an Intrusion Prevention policy.
  2. On the policy page, click Intrusion Prevention.
  3. If not checked already, check Enable excluded hosts and then click Excluded Hosts.
  4. In the Excluded Hosts dialog box, check Enabled next to any host group that you want to exclude from network intrusion prevention.
  5. To add the hosts that you want to exclude, click Add.
  6. In the Host dialog box, in the drop-down list, select one of the following host types:
    • IP address
    • IP range
    • Subnet
  7. Enter the appropriate information that is associated with the host type you selected.
    For more information about these options, click Help.
  8. Click OK.
  9. Repeat step 5 and click OK to add additional devices and computers to the list of excluded computers.
  10. To edit or delete any of the excluded hosts, select a row, and then click Edit or Delete.
  11. Click OK.
  12. When you finish configuring the policy, click OK.
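A small model of the matching rule described above, useful for reviewing an exclusion list before entering it in the console. It is an added example, not Symantec's code or console output; the function names, the entry format, and the documentation-range addresses are assumptions made for illustration.

```python
import ipaddress

# Constructed sample list using the three host types the Host dialog offers.
# Addresses are documentation ranges, not values from the product or the page.
SAMPLE_EXCLUDED = [
    ("ip", "203.0.113.10"),
    ("range", "198.51.100.20-198.51.100.30"),
    ("subnet", "192.0.2.0/24"),
]


def parse_entry(kind, value):
    """Return inclusive (first, last) address bounds for one list entry."""
    if kind == "ip":
        addr = ipaddress.ip_address(value)
        return addr, addr
    if kind == "range":
        first, last = (ipaddress.ip_address(p.strip()) for p in value.split("-"))
        if first > last:
            raise ValueError(f"range start is above range end: {value}")
        return first, last
    if kind == "subnet":
        net = ipaddress.ip_network(value, strict=True)
        return net[0], net[-1]
    raise ValueError(f"unknown host type: {kind}")


def is_excluded(addr, entries):
    """True if addr falls inside any entry of the exclusion list."""
    ip = ipaddress.ip_address(addr)
    bounds = (parse_entry(kind, value) for kind, value in entries)
    return any(lo.version == ip.version and lo <= ip <= hi for lo, hi in bounds)


def ips_skipped(src, dst, remote, entries):
    """Assumed model of the rule above: inspection is skipped only when the
    source of the traffic is the remote host and that host is in the list."""
    if remote not in (src, dst):
        raise ValueError("remote must be one end of the flow")
    return src == remote and is_excluded(src, entries)


def covered_addresses(entries):
    """Count exempted addresses (overlapping entries are counted twice)."""
    return sum(int(hi) - int(lo) + 1
               for lo, hi in (parse_entry(k, v) for k, v in entries))
```

A large result from `covered_addresses` is a cue to check whether a subnet or range entry exempts more remote hosts than the exclusion was meant to cover.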