Follow

Bypassing all traffic from one host from Application Layer Scanning

There are a multitude of reasons to bypass a host from being scanned by the rack applications/modules. Some traffic may experience poor performance or quality as the scanning can interfere with the traffic (VoIP for example) Other traffic may not require any scanning to be performed. Some servers and commonly printers can be safely bypassed. Lowering the number of hosts/devices on your network being scanned/filtered can also assist in keeping your installation in compliance with licensing as bypassed traffic does not towards the host count.

To bypass one host on your network completely, you must create two separate rules; one with the 'source address' conditional to bypass all traffic originating from the host, and the second with the 'destination address' conditional to bypass all traffic destined for the host.

 

Rule 1 Bypass Source:


Clicking the image above will load it, full-size, in a new window. 

 

Rule 2 Bypass Destination:


Clicking the image above will load it, full-size, in a new window. 

 

For more on bypass rules and rule creation:

https://wiki.untangle.com/index.php/Bypass_Rules

https://wiki.untangle.com/index.php/Rules

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

Powered by Zendesk