Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Exempt Rulebase Example: Exempting an Attack Object

    Suppose your security policy detects HTTP Buffer Overflow: Header attacks on your internal network, but you know this can safely be ignored. You can exempt this traffic from inspection to optimize IDP Series performance and eliminate unnecessary logs.

    To exempt an attack object:

    1. If you have not done so already, create an address object for your internal network.
    2. Add the Exempt rulebase to your security policy.
    3. Add a rule that specifies a source that is the internal network and destination that is anywhere.
    4. Add the relevant attack object. In this example, add HTTP Buffer Overflow: Header.

    Published: 2011-02-08