topic Re: Blades bypass on subnet in Spark Firewall (SMB)

Blades bypass on subnet

Naftali_Oziel — Tue, 14 Jul 2020 11:12:15 GMT

Hi,

I have the 1490 local manage standalone. I will utilizing port 6 to do a separate network 10.x.x.x to use for my provider IPTV service and connect a switch. I have my security policy set to standard.

setting up the following inbound rules

IPTV network any any deny - (blocking from this subnet talking to my LAN or DMZ)

IPTV to IPTV network any any allow

outbound is default allow which is fine it needs that.

Questions:

1. is there a way I can exclude the IPTV network from getting inspection from IPS, Anti-bot and URL/APP?

2. Have anyone used the option to bypass IPS on load?

Re: Blades bypass on subnet

PhoneBoy — Tue, 14 Jul 2020 16:05:55 GMT

Where is the IPTV network located in relation to your LAN or DMZ? Internet?
In general, you can set this network as an Exception in the different Threat Prevention options.
Also, if you have a rule that says "any" for that destination at the top of the rulebase, it should not activate App Control/URL Filtering.

Re: Blades bypass on subnet

Naftali_Oziel — Tue, 14 Jul 2020 16:11:32 GMT

I will be using one of the available LAN ports (6) and create a separate network IP schema.