Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2085
Views
0
Helpful
1
Replies

How to whitelist an IP or a host group ?

Coco21
Level 1
Level 1

‎08-26-2021 10:07 AM

Hi Team,

 

I need a help,

How to whitelist a host group to avoid alarm, 

 

I am getting alarms in custom security policy for genuine traffic.

To avoid those thing, I have create an host group and add those IPs in that group. After that in custom policy I exclude (except) that host group. 

 

But still I am getting the alarms.

 

Please advice. What to do.

 

Labels:
0 Helpful
1 Reply 1

jamegill
Cisco Employee
Cisco Employee

‎09-08-2021 06:57 AM

Hi @Coco21 

It sounds like you are heading in the right direction to group those hosts and apply a Role Policy to squelch those alarms.

When you show the alarm table, look in the Policy column, this will show you which Policy is being triggered to generate the alarms. You will either need to tune the Policy indicated or remove the hosts from the group that policy is applied to.

There are two classes of policies, Default and Role.  Any Role policy supercedes the setting in the Default for the events defined in the policy, but a host with multiple Role Policies is subject to all of them equally.

 

I hope you find that helpful!

--jg

0 Helpful
Customers Also Viewed These Support Documents