Exclusions list consists of entries that you may use to allow or restrict connections destined to specified host(s), IP address(es), and domain(s)
You can define an exclusion as
Whitelist is an allowed destinations list and your users that match the policy can reach the destinations placed in this list without any restrictions.
Blacklist is the blocked destinations list that can never be accessed by your users that match the policy.
Exclusions take precedence over all your Security / App / Web rules.
You can employ exclusions to fine-tune Sensei's detecting behavior. By defining exclusions you can not only reduce false positives but also meet exceptional business requirements.
You can exclude an IPv4/ IPv6 address, domain, or hostname from scanning threats. These exclusions will apply to all devices in your network that match the related policy.
To manage your exclusions in a policy,
- Select the policy name in the
Policieslist view of a node
- Navigate to the
To add an exclusion,
- Enter an IP address, hostname, or domain
You can enter hostnames, domains, and IP addresses.
Domains match all subdomains.
CIDR notation is acceptable for IP addresses.
For example: host.sub.domain.com, domain.com, 172.16.1.1, 10.10.0.0/16.
- Select the
typeof Exclusion. By default, it is
- Enable the
Globaloption if you want to define the exclusion to be applied for all policies on the node.
- Click on the
Figure 1. Managing Exclusions
Figure 2. Exclusion - Black List
Figure 3. Exclusion - Search
You can filter your blacklist/whitelist entries by using search criteria. When you start to type the IP/hostname it will filter out the results instantly.
You can view your exclusions on the
All Exclusion pane. By default both your
Blacklistare displayed in this pane. The following information is provided in the Exclusions list view:
- Hostname/Domain/IP address
- Tag (if
Globaloption is enabled
Globaltag displayed )
- Exclusion Type (Whitelist/Blacklist)
- Admin name(Who defines the exclusion)
- Date (Exclusion creation date)
- Action button (Remove)
Figure 4. Exclusion - White List
Also, you can view your
Whitelist exclusions under the
White list tab or view your
Blacklist exclusions under the
Black list tab in the
All Exclusions pane.
To delete an exclusion in a policy,
- Search the domain/hostname/IP of the exclusion that you want to delete
Click the trash icon in the search result. You will be prompted to as Figure 6.
Removeif you want to delete the exclusion.
Figure 5. Exclusion Delete Warning