Forum Discussion

jerm1020_254086's avatar
jerm1020_254086
Icon for Nimbostratus rankNimbostratus
Nov 01, 2016

possible to whitelist specific signatures for an IP?

Would it be possible to block all traffic which triggers a signature except for specific IPs or nodes? Ideally we’d like to minimize the protection relaxation. I’ve reviewed the IP Address Exceptions functionality but this appears to remove all signature protection for a given address which is not a palatable option.

 

  • nathe's avatar
    nathe
    Icon for Cirrocumulus rankCirrocumulus

    jerm1020,

     

    I'm not sure that is possible. One workaround is to have a seperate policy for those IP addresses and use a traffic policy or iRule to switch between the different policies.

     

    Not great i imagine but i can't think of an alternative.

     

    Hope this helps,

     

    N