https://community.cisco.com/t5/network-security/trust-host-in-sourcefire-ips/m-p/3013096#M42806 <P>We have deployed sourcefire 7125 with defence center 1500 recently.</P> <P>We get alot of alert through email about 10.1.1.10 with port 445, 10.1.1.10 is our share file server so that is normal to open that port in the server.</P> <P>How could we classify that 10.0.0.0/8 is allowed connect to 10.1.1.10:445 and wont get email alert any more.</P> <P>Thank you!</P> Sun, 10 Mar 2019 13:51:15 GMT duyennv10 2019-03-10T13:51:15Z https://community.cisco.com/t5/network-security/trust-host-in-sourcefire-ips/m-p/3013096#M42806 <P>We have deployed sourcefire 7125 with defence center 1500 recently.</P> <P>We get alot of alert through email about 10.1.1.10 with port 445, 10.1.1.10 is our share file server so that is normal to open that port in the server.</P> <P>How could we classify that 10.0.0.0/8 is allowed connect to 10.1.1.10:445 and wont get email alert any more.</P> <P>Thank you!</P> Sun, 10 Mar 2019 13:51:15 GMT https://community.cisco.com/t5/network-security/trust-host-in-sourcefire-ips/m-p/3013096#M42806 duyennv10 2019-03-10T13:51:15Z https://community.cisco.com/t5/network-security/trust-host-in-sourcefire-ips/m-p/3013097#M42808 <P>Create a new rule in your Access Control Policy with those addresses in it and action "Trust". Make sure it is above any more general rules. Save and deploy.</P> Sat, 03 Jun 2017 15:49:11 GMT https://community.cisco.com/t5/network-security/trust-host-in-sourcefire-ips/m-p/3013097#M42808 Marvin Rhoads 2017-06-03T15:49:11Z