How can I configure an IPS exclusion list?

Description

This article explains how to configure an Exclusion list in the Intrusion Prevention Service on the firewall.

Resolution for SonicOS 7.X

This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.

  1. Click Policy , navigate to Security Services | Intrusion Prevention page.
  2. Navigate to IPS global settings panel.
  3. Select Enable IPS.

Image

     

      4. Click  Configure  button, the IPS exclusion list dialog appears.

Image

     5. Select Enable IPS Exclusion List.

     6.Select either the Use Address Object option or the Use Address Range option.

     7.If you selected the Use Address Object option, select the address object you want to exclude from the menu.

     8.If you selected the Use Address Range option, click Add, the add IPS range entry dialog appears.

     9.Enter the IP address range to exclude in the IP address from and the IP address to boxes.

     10.Click OK.

Resolution for SonicOS 6.5

This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.

  1. Click MANAGE , navigate to Security Services | Intrusion Prevention page.
  2. Navigate to IPS global settings panel.
  3. Select Enable IPS.
    Image
  4.  Click  Configure IPS Settings button, the IPS exclusion list dialog appears.
    Image
  5.  Select Enable IPS Exclusion List.
  6. Select either the Use Address Object option or the Use Address Range option.
  7. If you selected the Use Address Object option, select the address object you want to exclude from the menu.
  8. If you selected the Use Address Range option, click Add, the add IPS range entry dialog appears.
  9. Enter the IP address range to exclude in the IP address from and the IP address to boxes.
  10. Click OK.

    NOTE: It is possible to only exclude only IP addresses on the whole, not specific services (specific port numbers) from being scanned. On the other hand, specific signatures can be disabled to stop the firewall from scanning traffic against them.


Resolution for SonicOS 6.2 and Below

The below resolution is for customers using SonicOS 6.2 and earlier firmware. For firewalls that are generation 6 and newer we suggest to upgrade to the latest general release of SonicOS 6.5 firmware.

  1.  Navigate to  Security Services | Intrusion Prevention page.
  2. Navigate to  IPS global settings panel.
    Image
  3. Select Enable IPS.
  4. Click  Configure IPS Settings button, the IPS exclusion list dialog appears.
    Image
  5.  Select Enable IPS Exclusion List.
  6. Select either the Use Address Object option or the Use Address Range option.
  7. If you selected the Use Address Object option, select the address object you want to exclude from the menu.
  8. If you selected the Use Address Range option, click Add, the add IPS range entry dialog appears.
  9. Enter the IP address range to exclude in the IP address from and the IP address to boxes.
  10. Click OK.

    NOTE: It is possible to only exclude only IP addresses on the whole, not specific services (specific port numbers) from being scanned. On the other hand, specific signatures can be disabled to stop the firewall from scanning traffic against them.

Related Articles

  • Unable to change the user password on firewall login page
    Read More
  • SonicWall UTM throws an error : " Invalid Authentication " Error: SN and EPAID Do Not Match
    Read More
  • Using 31-Bit Prefixes on IPv4 Address Error: Index of the interface: Invalid IP Address
    Read More

Categories

Firewalls
TZ Series
IPS/GAV/Spyware
Firewalls
NSa Series
IPS/GAV/Spyware
Firewalls
NSv Series
IPS/GAV/Spyware
not finding your answers?
Ask the Community
was this article helpful?
YesNo