One of the easiest ways to create HIPS exceptions is to click on the machine from your system tree:
Then click the Threat Events tab
Find your WebEx threat and click on it
Click Actions > New Exception (Host IPS 8.0)
Then click whatever policy you want the WebEx exception in
Wake-up the machine to get the new policy
good to go
I salute you good sir. I never even saw that feature.
Thank you very much!
For anyone new to this, keep in mind that patches and updates to IE can change the fingerprint. When this happens the rule won't work until the fingerprint is updated.
you could also create just an exclusion for the target distinguished name:
CN=CISCO WEBEX LLC, OU=DIGITAL ID CLASS 3 - MICROSOFT SOFTWARE VALIDATION V2, O=CISCO WEBEX LLC, L=SANTA CLARA, S=CALIFORNIA, C=US
then select the signature, and leave everything else blank. of course if cisco changes their digital signature, you would need to update the exception.