Jump to content
henriquesalvador

Symantec - False Positive Port Scan Attack Solution

Recommended Posts

henriquesalvador

Hi all,

 

If you use the Symantec Endpoint Protection you probably want to whitelist  your Domotz Pro Agent, to do so please do the following:

 

In SEP (Symantec Endpoint Protection) configuration you need to exclude the IP of your Domotz pro agent (make sure it is reserved at the DHCP server or configure with an Static IP address) using SEP Console:
 

  • Go to Policies -> Intrusion Prevention : Select your policy and right click Edit.
  • In the Intrusion Prevention section, click to Enabled excluded hosts and open "Excluded Hosts" Section
  • Click Add and enter the IP of the scanner(s), then click ok to save.
  • Once policy is saved, assign the policy to the relevant client group.

 

If you do not do this, the following message will be displayed, preventing the agent from correctly monitoring the workstations.

 

?name=inline904333391.png

 

Kind regards,
Henrique Salvador
Domotz Support

 

 

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...