Jump to content

Symantec - False Positive Port Scan Attack Solution


Recommended Posts

Hi all,


If you use the Symantec Endpoint Protection you probably want to whitelist  your Domotz Pro Agent, to do so please do the following:


In SEP (Symantec Endpoint Protection) configuration you need to exclude the IP of your Domotz pro agent (make sure it is reserved at the DHCP server or configure with an Static IP address) using SEP Console:

  • Go to Policies -> Intrusion Prevention : Select your policy and right click Edit.
  • In the Intrusion Prevention section, click to Enabled excluded hosts and open "Excluded Hosts" Section
  • Click Add and enter the IP of the scanner(s), then click ok to save.
  • Once policy is saved, assign the policy to the relevant client group.


If you do not do this, the following message will be displayed, preventing the agent from correctly monitoring the workstations.




Kind regards,
Henrique Salvador
Domotz Support



Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Create New...