[How to whitelist security scanner]

Hm. If I've whitelisted it right, why is it still alerting? I see the link to set a personal exception, but 1) that won't help the other 1,000 customers at the company, and 2) it seems to require admin rights escalation to do it, which won't work for most of them.

[How to whitelist security scanner]

Besides ESET on the endpoints, we also use Tenable as a network security scanner. A number of our endpoints detect and block this scan, putting up scary warnings to the end users: "Network threat blocked; TCP Port Scanning attack; Firewall has blocked an attack attempt to keep your computer protected."

I would like to whitelist the scanner IPs so that we don't get these messages. I thought I figured out how, but it doesn't seem to be working, or not consistently.

I went into Policies > Settings > Firewall > Advanced > IDS Exceptions and added an exception that included the IP addresses of the scanners, telling it to not block and not notify.

Is that the right place for this? Is there some other place I should be whitelisting this scan? Or if that is the right place, am I having a problem with policy delivery or precedence?

thanks.