Jump to content

Symantec - False Positive Port Scan Attack Solution


henriquesalvador
 Share

Recommended Posts

Hi all,

 

If you use the Symantec Endpoint Protection you probably want to whitelist  your Domotz Pro Agent, to do so please do the following:

 

In SEP (Symantec Endpoint Protection) configuration you need to exclude the IP of your Domotz pro agent (make sure it is reserved at the DHCP server or configure with an Static IP address) using SEP Console:
 

  • Go to Policies -> Intrusion Prevention : Select your policy and right click Edit.
  • In the Intrusion Prevention section, click to Enabled excluded hosts and open "Excluded Hosts" Section
  • Click Add and enter the IP of the scanner(s), then click ok to save.
  • Once policy is saved, assign the policy to the relevant client group.

 

If you do not do this, the following message will be displayed, preventing the agent from correctly monitoring the workstations.

 

?name=inline904333391.png

 

Kind regards,
Henrique Salvador
Domotz Support

 

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...