Print Download Documentation Send Feedback

Previous

Next

New Exceptions Group

What can I do here?

Use this window to create a Threat Prevention exception group.

Getting Here

Getting Here - Security Policies > Threat Prevention > Exceptions > New

Exception Groups

An exception group is a container for one or more exceptions. You can attach an exception group to all rules or only to some rules. With exception groups, you can manage your exceptions more easily, because you can attach the same exception group to multiple rules, instead of manually define exceptions for each rule.

The Exception Groups pane shows a list of exception groups that were created, the rules that use them, and any comments related to the defined group. The Exceptions Groups pane contains these options:

Option

Meaning

New

Creates a new exception group.

Edit

Modifies an existing exception group.

Delete

Deletes an exception group.

Search

Search for an exception group.

Global Exceptions

The system comes with a predefined group named Global Exceptions. Exceptions that you define in the Global Exceptions group are automatically added to every rule in the Rule Base. For other exception groups, you can decide to which rules to add them.

Exception Groups in the Rule Base

Global exceptions and other exception groups are added as shaded rows below the rule in the Rule Base. Each exception group is labeled with a tab that shows the exception group's name. The exceptions within a group are identified in the No column using the syntax:
E - <rule number>.<exception number>, where E identifies the line as an exception. For example, if there is a Global Exceptions group that contains two exceptions, all rules show the exception rows in the Rule Base No column as E-1.1 and E-1.2. Note that the numbering of exception varies when you move the exceptions within a rule.

To view exception groups in the Rule Base:

Click the plus or minus sign next to the rule number in the No. column to expand or collapse the rule exceptions and exception groups.

Creating Exception Groups

When you create an exception group, you create a container for one or more exceptions. After you create the group, add exceptions to them. You can then add the group to rules that require the exception group in the Threat Prevention Rule Base.

To create an exception group:

  1. In SmartConsole, select Security Policies > Threat Prevention > Exceptions.
  2. In the Exceptions section, click New.
  3. In Apply On, configure how the exception group is used in the Threat Prevention policy.
    • Manually attach to a rule - This exception group applies only when you add it to Threat Prevention rules.
    • Automatically attached to each rule with profile - This exception group applies to all Threat Prevention rules in the specified profile.
    • Automatically attached to all rules - This exception group applies to all Threat Prevention rules.
  4. Click OK.
  5. Install the Threat Prevention policies.
Adding Exceptions to Exception Groups

To use exception groups, you must add exception rules to them.

To add exceptions to an exception group:

  1. In SmartConsole, select Security Policies > Threat Prevention > Exceptions.
  2. In the Exceptions section, click the exception group to which you want to add an exception.
  3. Click Add Exception Rule.
  4. Configure the settings for the new exception rule.
  5. Install the Threat Prevention policy.
Adding Exception Groups to the Rule Base

You can add exception groups to Threat Prevention rules. This only applies to exception groups that are configured to Manually attach to a rule.

To add an exception group to the Rule Base:

  1. Click Security Policies > Threat Prevention > Policy.
  2. Right-click the rule and select Add Exception Group > <group name>.
  3. Install the Threat Prevention policies.