Jump to content

Network Threat Protection Exclusion [MOVED]


Go to solution Solved by Guest #37,

Recommended Posts

Posted
Hello, We are using Endpoint Security Cloud, I need to add a network threat protection exclusion for an internal IP internal address, I can see it within the PC versions but this is nowhere to be found within the security profiles within cloud, anyone have any ideas? //Mod Note: moved to proper section.
Posted
Hi, In the Cloud profile you must create a rule for packages in the firewall. Check: https://help.kaspersky.com/Cloud/1.0/en-US/140895.htm Adding a new rule for network packets and data flows in a security profile for Windows devices https://help.kaspersky.com/Cloud/1.0/en-US/130336.htm Regards
Posted
Hello Caos Thank you for your reply, we have added a rule into this already, with the following Action - Allow Name- Direction - Inbound/Outbound Protocol - Any Remote network addresses - Addresses from the list with the server IP and subnet ie 1.1.1.1/24 But this still get blocked by kaspersky:- Network attack detected Event type: Network attack detected Application\Name: Kaspersky Endpoint Security for Windows User: DOMAIN\Username (Active user) Component: Network Threat Protection Result\Description: Blocked Result\Name: Intrusion.Win.CVE-2017-8543.a.exploit.a Object: TCP from 1.1.1.31 to 1.1.1.207:445 Object\Type: Network packet Object\Name: TCP from 1.1.1.31 to 1.1.1.207:445 Object\Additional: 1.1.1.207 Database release date: 03/10/2019 02:58:00 (I've edited username etc.)
  • Solution
Posted
Hi, Request that the indicated ip be 1.1.1.31 directly. If the problem persist, open a ticket in Kaspersky Company Account, since the attack detected is about a system vulnerability. Regards

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now


×
×
  • Create New...