Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 2 replies
  • Subscribers 3 subscribers
  • Views 5678 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

ipsExceptions for false positives

balletbob

Hi,

I have a 'MALWARE-OTHER Executable control panel file download request' false positive that I need to put an exception in for.

I don't want to exclude the entire rule or detection, just whitelist this host that is triggering the false positive.


How is this done?

Thanks

Damien



This thread was automatically locked due to age.
Parents
  • 0

    Hi, Damien, good to see you made it over here!

    Just add a 'Network/Host Exception' in 'Advanced Threat Protection'.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Thanks Bob,

    I'd really like it if you could put the exception for the Host with the specific rule you want to exclude rather than whitelisting the entire device.

    At the moment you have to be prepared to trust the entire device.

Reply Children
No Data
Cookie Information Banner