This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IPS Whitelisting

Hi,

I've got a customer, failed to download a file from a trusted site.
IPS blocks this and I don't know how to whitelist this, because the blocked stream comes from the WAN to the LAN:

IPS

2019-02-20 16:02:11

Signatures

Drop

62.xxx.xxx.xxx

10.xxx.xxx.xxx

13361

FILE-OTHER ClamAV MEW PE file integer overflow attempt

file-other

Windows

Client

07002

I searched the whole forum but can't find a post that I can adopt for this.
Is the only possible way to change the IPS policy?

This thread was automatically locked due to age.

Parents

0 rfcat_vk over 6 years ago

Hi,

you need to do a search in the IPS for individual packages and disable the offending package.

Ian
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 rfcat_vk over 6 years ago

Hi,

you need to do a search in the IPS for individual packages and disable the offending package.

Ian
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data