Network Threat Protection Exclusion [MOVED]

[ITme]

Hello, We are using Endpoint Security Cloud, I need to add a network threat protection exclusion for an internal IP internal address, I can see it within the PC versions but this is nowhere to be found within the security profiles within cloud, anyone have any ideas? //Mod Note: moved to proper section.

[Guest #37]

Hi, In the Cloud profile you must create a rule for packages in the firewall. Check: https://help.kaspersky.com/Cloud/1.0/en-US/140895.htm Adding a new rule for network packets and data flows in a security profile for Windows devices https://help.kaspersky.com/Cloud/1.0/en-US/130336.htm Regards

[ITme]

Hello Caos Thank you for your reply, we have added a rule into this already, with the following Action - Allow Name- Direction - Inbound/Outbound Protocol - Any Remote network addresses - Addresses from the list with the server IP and subnet ie 1.1.1.1/24 But this still get blocked by kaspersky:- Network attack detected Event type: Network attack detected Application\Name: Kaspersky Endpoint Security for Windows User: DOMAIN\Username (Active user) Component: Network Threat Protection Result\Description: Blocked Result\Name: Intrusion.Win.CVE-2017-8543.a.exploit.a Object: TCP from 1.1.1.31 to 1.1.1.207:445 Object\Type: Network packet Object\Name: TCP from 1.1.1.31 to 1.1.1.207:445 Object\Additional: 1.1.1.207 Database release date: 03/10/2019 02:58:00 (I've edited username etc.)

[Guest #37]

Hi, Request that the indicated ip be 1.1.1.31 directly. If the problem persist, open a ticket in Kaspersky Company Account, since the attack detected is about a system vulnerability. Regards