Moving a Threat to Allow List

You can move a rule from the enforced list to the Allow List to allow the rule that identified a threat. When you move a threat to the Allow List, the corresponding rule is allow listed, no alert is generated for that rule, and the change applies to all devices of the selected group.

When threat events are moved to the Allow List from the Threats List table, the rules associated with those threat events are no longer used to inspect network traffic. When this action is performed at the Global level, the allow listing is automatically inherited by all groups and their corresponding devices.

Rules allow listed at the Global level cannot be reverted to the enforced list at the group or device level. This is a known limitation.

You can also move threats to the Allow List in the policies. For more information, see Manage Rules in IDPS Policies.

To move a threat to the Allow List, complete the following steps:

  1. In the WebUI, set the filter to Global or one of the options under groups that has IDPS-supported gateways.

    Intrusion Detection and Prevention System (IDPS) monitors, detects, and prevents threats in the inbound and outbound traffic. Aruba IDPS provides an extra layer of protection that actively analyzes the network and takes actions on the traffic flows based on the defined rules. It inspects data packets and, if any threat is identified, acts in real time to prevent it.
  2. Under Manage, select Security > Gateway IDS/IPS.
  3. Click the List icon to view the Threats List table.
  4. Select a threat and click the Move threat to Allow List icon.

    The Move to Allow List window is displayed.

  5. Click Move in the Move to Allow List pop-up window to move the threat to the Allow List.

    The allow listed policies corresponding to the threat are displayed under the Policies > Allow Listed tab. For more information, see Manage Rules in IDPS Policies.