07-05-2015 12:22 AM - edited 03-10-2019 06:24 AM
Hi everybody
I want know why create whitelist ip add in IPS? And if IP of the packet belong to whitelist ip addr that content check in IPS section?or traffic send to IPS?
07-05-2015 03:37 AM
You can whitelist some subnets to avoid inspection.
g1
07-05-2015 06:03 AM
I dont know your answer Ji won. why use whitelist ip addr?
07-05-2015 07:17 AM
Hi, here is the correct answer.
Whitelists/Blacklists are processed before Access Control Policy rules.
Connections are refused (inbound/outbound) from IP addresses that are Blacklisted.
Connections are accepted from Whitelisted IP addresses. Whitelisted IP addresses take priority over Blacklisted IP addresses.
HTH
Paul
04-05-2018 07:39 AM
Is there a way for Whitelisted IP addresses to not be inspected? It seems like the only reason to have a whitelist is to override the blacklist. Please correct me if I am wrong
04-05-2018 09:51 AM
Hi
When you white list a IP. It means its whitelisted from Security intelligence but it can still be inspected by Intrusion policy. The other way is to create another intrusion policy with signature you need disabled and apply that for that network/IP
If you just need to bypass 1 IP completely, just create a trust rule on top with that IP.
Hope that helps,
yogesh
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: