0 Replies Latest reply on Aug 15, 2016 2:51 PM by strawgate

    Endpoint Security GTI Rule Bypass

    strawgate

      Hello,

       

      I'm currently seeing an issue with the Endpoint Security firewall with GTI enabled (set to high risk for inbound and outbound traffic).

       

      I have an explicit allow in the firewall for an application but I continue to see denies (not with the implicit deny) from GTI. I can't seem to find a way to bypass GTI for a trusted application/port/network.

       

      Example:

       

      Time: 08/15/2016 02:34:09 PM

      Event:  Traffic

      IP Address: <IP Address of Machine>

      Description:  DATABASE SERVICE MANAGER

      Path:  C:\PROGRAM FILES (X86)\PERVASIVE SOFTWARE\PSQL\BIN\W3DBSMGR.EXE

      Message:      Blocked Incoming TCP  -  Source  <IP Address of Machine> :  (56357)   Destination  <IP Address of Machine> :  (1583)

      Matched Rule:  GTI Rule - TCP - In

       

      Regardless of what rules I add it still is flagged and blocked by GTI.

       

      Any ideas?