Higher gainer low threat

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Higher gainer low threat

L4 Transporter

If you have an app that is being seen a lot in the logs but has a low rating and is skewing you results is it possible to exclude it from the threat prevention analysis?

2 REPLIES 2

L7 Applicator

You could always configure a special security rule for that application, and don't assign a security profile to it. It would need to be above any more generic rule that application would match, to prevent it from getting hit by the wrong rule.

Policies > Security > Add

Configure the application to be the one you don't want to get details on

Do not select any profiles (unless you still want to do virus scanning, etc.)

Select logging as desired (none, or the default of log at session end)

-Greg Wesson

Interested thought, it has and exceptions list but it does not seem to mean it is not letting it through but allowing a different actions than the original rule but ignoring it isn't an options

  • 1763 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!