This document describes the steps to add an Exempt IP address for a specific threat.
Navigate to GUI: Monitor > Logs > Threat
Hover over the target threat name, a pulldown ▾ icon will show right to the Threat name. Click the ▾ pulldown Icon and select "Exception". This is the threat to which the exempt IP addresses are to be added.
Make sure there is a vulnerability profile associated with a security policy. In this example, the 'test123' vulnerability profile has been applied. At this point, check the box to highlight the profile and add the IP address (as shown in the image below). Click OK. Note: The IP address can be the Victim or Attacker (source address or destination address ) as shown in the following logs.
Confirm the updates by going to the vulnerability profile and clicking on the exceptions tab. From there, click on the 'IP Address Exemptions" applet, as shown below, to verify the changes.
After you verified changes and confirmed IP addresses of hosts are entered correctly, click OK, OK, and Commit this change to Firewall. From now on, traffic to hosts behind IP address(es) added to the list of Exempt IP addresses will not trigger this vulnerability in this security rule. Traffic to all other IP addresses, or traffic hitting different security rules, will still trigger vulnerability action as defined in that security policy.