Defining NIS exceptions

Updated: February 1, 2011

Applies To: Forefront Threat Management Gateway (TMG)

This topic describes how to exclude network entities from Network Inspection System (NIS) scans. A typical entity that you might want to exclude is a detection IP address, which is an isolated, unprotected IP address used by a firewall administrator to learn about various network attacks.

To exempt network entities from Network Inspection System scans

  1. In the Forefront TMG Management console, in the tree, click the Intrusion Prevention System node.

  2. Click the Network Inspection System (NIS) tab, and on the Tasks tab, click Define Exceptions.

  3. On the Exceptions tab, click Add, and then select the network entities you want to exclude from inspection.

    Tip

    If you want to remove a network entity from the list, select it, and click Remove.

  4. When finished, on the Apply Changes bar, click Apply.

Concepts

Configuring protection from known vulnerabilities