https://community.cisco.com/t5/network-security/fmc-inbound-external-ip-exclusions/m-p/3085083#M42657 <P>Hello,</P> <P></P> <P>I need to exclude a few external inbound IPs from triggering Firepower alerts.</P> <P>What is the best method to accomplish this:&nbsp; Pass Rule, Access Control Policy - Trust, Whitelist..?</P> <P></P> <P>Thank You</P> <P>Frank</P> Sun, 10 Mar 2019 13:53:12 GMT 2019-03-10T13:53:12Z https://community.cisco.com/t5/network-security/fmc-inbound-external-ip-exclusions/m-p/3085083#M42657 <P>Hello,</P> <P></P> <P>I need to exclude a few external inbound IPs from triggering Firepower alerts.</P> <P>What is the best method to accomplish this:&nbsp; Pass Rule, Access Control Policy - Trust, Whitelist..?</P> <P></P> <P>Thank You</P> <P>Frank</P> Sun, 10 Mar 2019 13:53:12 GMT https://community.cisco.com/t5/network-security/fmc-inbound-external-ip-exclusions/m-p/3085083#M42657 2019-03-10T13:53:12Z https://community.cisco.com/t5/network-security/fmc-inbound-external-ip-exclusions/m-p/3085084#M42658 <P>Whitelist exempts the address that would otherwise be blacklisted by Security Intelligence.</P> <P>Trust exempts it from even basic protocol conformance checks and essentially gives it a pass for all manner of tomfoolery.</P> <P>It's generally better to exempt it from a specific policy/rule using a custom ACP rule while still allowing the other inspections to take place.</P> <P></P> Fri, 14 Jul 2017 04:49:28 GMT https://community.cisco.com/t5/network-security/fmc-inbound-external-ip-exclusions/m-p/3085084#M42658 Marvin Rhoads 2017-07-14T04:49:28Z