I am using an AIP-SSM 10. I wish to block block Network Scanning. Is there a way to allow certain Hosts to scan the network without putting them in the Never To Block Addresses List ?
You should be careful when blocking the scanning signaturea, these can be easily triggered by simple things like a web browser fetching multiple elements to construct a web page.
If you want to allow you network scanner to remain unblocked you should look at Event Action Overrides and Event Action Filters:
