So I'm new to FMC and I'm trying to get a grip on how things work.
I have an intrusion alert that keeps coming up.
"HI_CLIENT_DOUBLE_DECODE (119:2:1)"
Problem is, it keeps alerting on non-malicious traffic (all internal traffic).
How do I turn off this rule for a specific network? without turning it off all together?
Ex.
network is 192.168.50.48 ---> 192.168.51.30 - HI_CLIENT_DOUBLE_DECODE (119:2:1)
network is 192.168.50.48 ---> 192.168.52.30 - HI_CLIENT_DOUBLE_DECODE (119:2:1)
network is 192.168.50.48 ---> 192.168.53.30 - HI_CLIENT_DOUBLE_DECODE (119:2:1)