Technical Documentation

Download Software
Research a Problem
Case Management
Contract & Product Management
Technical Documentation
End-of-Life Products
Contact Support
Guidelines and Policies
Security Resources

Downloads
Exempt Rulebase Example: Exempting an Attack Object

Related Topics
Understanding the Exempt Rulebase
Example: Fine-Tuning a Security Policy
Configuring Exempt Rulebase Rules (NSM Procedure)

Exempt Rulebase Example: Exempting an Attack Object

Suppose your security policy detects HTTP Buffer Overflow: Header attacks on your internal network, but you know this can safely be ignored. You can exempt this traffic from inspection to optimize IDP performance and eliminate unnecessary logs.

To exempt an attack object:

If you have not done so already, create an address object for your internal network.
Add the Exempt rulebase to your security policy.
Add a rule that specifies a source that is the internal network and destination that is anywhere.
Add the relevant attack object. In this example, add HTTP Buffer Overflow: Header.

Technical Documentation

Exempt Rulebase Example: Exempting an Attack Object

Published: 2010-01-12