Higher gainer low threat

Reply
L4 Transporter

Higher gainer low threat

If you have an app that is being seen a lot in the logs but has a low rating and is skewing you results is it possible to exclude it from the threat prevention analysis?

L7 Applicator

Re: Higher gainer low threat

You could always configure a special security rule for that application, and don't assign a security profile to it. It would need to be above any more generic rule that application would match, to prevent it from getting hit by the wrong rule.

Policies > Security > Add

Configure the application to be the one you don't want to get details on

Do not select any profiles (unless you still want to do virus scanning, etc.)

Select logging as desired (none, or the default of log at session end)

-Greg Wesson

L4 Transporter

Re: Higher gainer low threat

Interested thought, it has and exceptions list but it does not seem to mean it is not letting it through but allowing a different actions than the original rule but ignoring it isn't an options

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!