Add exception for IPS

I found this: https://support.sophos.com/support/s/article/KB-000038369?language=en_US

However, I would like to narrow that exclusion down even further to only the install.vendor.com FQDN

Hello Levi,

Thank you for contacting the Sophos Community!

IF you trust that website, you could create a Firewall rule, allowing access to it without IPS, to the IPs of the same, so that way the IPS will not get triggered.

Name: install.vendor.com
Addresses: 45.33.2.79
198.58.118.167
96.126.123.244
45.33.23.183
45.79.19.196
45.56.79.23

I think the above are the IPs they use, I believe you are trying to add the Customer IPS signature with the FQDN under Protect >> Intrusion Prevention >> Custom IPS signatures?

Does the /log/ips.log says any additional information about this?

Regards,