Hi,
I want to whitelist a scanner host on our network that is triggering lots of intrusion events.
I tried to right-click the IP address and the select "Whitelist IP now", and it puts the IP in the Global-Whitelist, but intrusion events are still getting triggered.
Do I need to do a deploy after adding it to the Whitelist? Also, since the Whitelist seems to be for security Intelligence events and this is an intrusion events, should I use a trust rule in the ACP instead?
Thanks
/Chess
