ESET Updates blocked by IPS

Question

Hi There, 
 SFOS 17.1.2 MR-2 
 
 Have been trying for the last few hours to allow my ESET Internet Security client to update but not getting anywhere even after creating rules to allow traffic to the "eset.com" domains and allow traffic to/from the Eset update servers to skip IPS, the only way I managed to get it to work is by adding an allow packet for "1180501012 FILE-OTHER 7-Zip RAR CVE-2018-10115 Solid Compression Remote Code Execution" to the "generalpolicy" IPS Policy however I'm not comfortable turning off one of the signatures for the whole network. 
 
 How can I simply allow communication with either "*.eset.com" or a list of IP addresses (IP Host > Creat a new a IP List with all Eset update server IP's) to skip IPS ? 
 
 Thanks

RaymondPalms · Answer

Think I figured it out now, I didn't want to add an allow for that Signature network wide, so I did the following which works now. 
 
 Hosts and Services > IP Host > Create new IP Host with type "IP List" and add all ESET Update IP Addresses in that list. 
 Intrusion Prevention > IPS Policies > Add a new Policy, then add a new rule within that policy with only that signature selected and Action is "Allow Packet" 
 Firewall > Create a new Firewall rule with the following settings:

I beleive this now allows that Signature through when the destination/source is one of the ESET update servers.