cancel
Showing results for 
Search instead for 
Did you mean: 
indera
Level 8
Report Inappropriate Content
Message 1 of 5

Exception for specific access in McAfee IPS

Jump to solution

Hi,

I'm new with McAfee IPS. hope anyone can help me. i like to run a pentest on one of the server via the McAfee IPS. question is, how do i allow the traffic to pass thru the IPS? if i allow the traffic, am i still able to inspect and show the event? can IPS do a packet trace?

Thank you.

1 Solution

Accepted Solutions
indera
Level 8
Report Inappropriate Content
Message 5 of 5

Re: Exception for specific access in McAfee IPS

Jump to solution

HI Mirrorless,

thanks for the info..appreciate it

4 Replies

Re: Exception for specific access in McAfee IPS

Jump to solution

I asume you want to unfileter all

- Login to NSM

- Click/Go to "Configure"

- Click on "IPS Settings"  tree

- Click on "ACL" tab

- Click on "ACL Editor" to create your ACL (pentest Ip)

- Then click on "ACL Assignments" to assign the ACL

indera
Level 8
Report Inappropriate Content
Message 3 of 5

Re: Exception for specific access in McAfee IPS

Jump to solution

Hi Mirrorless.

Thank you for your reply, if i add the filter to the ip? does the traffic shown on the threat analyzer?

Re: Exception for specific access in McAfee IPS

Jump to solution

ACL is higher filtering level if you're permit it then the IP will be exclude from checking so it's will not shown

If you want to filter for specific alerts ONLy then.. go to Configure | IPS Settings then

- Alerts Filters

- create alrts filter in Alert Filter Editor and assigned the Alert Filter in Alert Filter Assignment for any port/IPS

With Alert Filter you can configure on how the alerts/signature handle the traffic should it be pass/block etc..

indera
Level 8
Report Inappropriate Content
Message 5 of 5

Re: Exception for specific access in McAfee IPS

Jump to solution

HI Mirrorless,

thanks for the info..appreciate it

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community