Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
579
Views
0
Helpful
1
Replies

FMC: Inbound External IP Exclusions

Not applicable

‎07-13-2017 02:00 PM - last edited on ‎03-10-2019 06:53 AM by

Hello,

I need to exclude a few external inbound IPs from triggering Firepower alerts.

What is the best method to accomplish this:  Pass Rule, Access Control Policy - Trust, Whitelist..?

Thank You

Frank

Labels:
0 Helpful
1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

‎07-13-2017 09:49 PM

Whitelist exempts the address that would otherwise be blacklisted by Security Intelligence.

Trust exempts it from even basic protocol conformance checks and essentially gives it a pass for all manner of tomfoolery.

It's generally better to exempt it from a specific policy/rule using a custom ACP rule while still allowing the other inspections to take place.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card