Reclassify threats detected that are legitimate traffic

Question

Hi there! 
 We have recently installed a HA pair of XG430s and are slowly turning features on with them and getting to know them. 
 
 Overall we like them and like what they can do but I have one area of concern I can't seem to find an obvious answer to (which could well be me!). 
 
 In the threat management reports, is it possible to reclassify an identified threat if you know it is something legitimate? 
 
 For instance I have two top level threats, first is the machine identifies a torrents client p2p at level 5. But this is actually a netflow operation between a Cisco router and PRTG. 
 
 Second we have Meraki Waps and they talk to each other on UDP port 9358 as pair of their Layer 3 ops and roaming etc.

I cannot find anywhere that I can anywhere in any of the firewall's settings that I can reclassify these things or tell it not to report on these specific cases. 
 
 Anybody got any experience of doing this? 
 Thanks 
 
 James

rfcat_vk · Accepted Answer

Hi James, 
 I have not tried this, you could try in the IP -> DoS and Spoof Protection ->DoS Bypass rule to create exceptions for your specific devices. 
 Ian

IT Support67 · Answer

Hi Ian, 
 
 Thanks, good idea but alas not. You have to specify a source port too and restarting the netflow service on my router changed the source port. 
 Also the waps have different source ports to ( can be seen in my screen grab above). 
 
 Cheers 
 
 James