add threat-prevention ips network-exception

Description

Adds a new exception rule for the IPS blade. To create exceptions for specific protections use protection code.

Syntax

add threat-prevention ips network-exception [ protection-code <protection-code> ] [ destination <destination> ] [ destination-negate <destination-negate> ] [ service <service> ] [ service-negate <service-negate> ] [ source <source> ] [ source-negate <source-negate> ] [ comment "<comment>" ]

Parameters

Parameter	Description
comment	Configures the comment text for the IPS Network exception. A string that contains less than 257 characters, of this set: `a-z` (lower-case letters) `A-Z` (upper-case letters) `0-9` (digits) '`,`' (comma) '`.`' (period) '`-`' (minus) '`(`' (opening round bracket) '`)`' (closing round bracket) '`:`' (colon) '`@`' (at)
destination	Network object that is the target of the connection
destination-negate	If true, the destination is all traffic except what is defined in the destination field Type: Boolean (true/false)
protection-code	Indicates if the exception rule will be matched on all IPS protections or a specific one
service	Type of network service that is under exception
service-negate	If true, the service is everything except what is defined in the service field Type: Boolean (true/false)
source	Network object or user group that initiates the connection
source-negate	If true, the service is everything except what is defined in the service field Type: Boolean (true/false)

Example

add threat-prevention ips network-exception protection-code 123435 destination TEXT destination-negate true service TEXT service-negate true source TEXT source-negate true comment "This is a comment"