Is there way to exempt a vulnerability scanner from screen options? I see that the syn-flood option has a specific white list, however I am looking for something with a more blanket approach. Specifically our scanner keeps getting hung up in the TCP port scan, UDP sweep, TCP sweep, and ICMP sweep screens. As far as I can tell there is no way to exempt just the source IP of the vulernability scanner. I have the screen applied to my untrust zone and the scanner is in the trust zone. Thanks!
↧