Enhancement request - exclude specific IPs from specific IDS attack

[eitanc 2]

Hi, I am in a situation where a PC with Internet Security installation is blocked in the home Wi-Fi network, due to "Arp Cache Poisoning" attack, probably because of endpoint moving between hot spots, so it is not a real attack.

Looking for a solution I came across this solution of yours - https://support.eset.com/en/arp-icmp-or-dns-cache-poisoning-attack-in-eset-home-products-for-windows, but it is too general. In today attack options, it is possible that another PC in the local network will be compromised, hence launch attacks against others in the same network, so disabling detection of attacks coming from others in the same LAN is too permissive.

Please add an option to exclude IP/IPs/Subnet for specific attacks. This will give us a more granular control over what is excluded and leave more space to detect other attacks.

Thanks.

 

[Marcos 5,070]

IDS exceptions have always been there if you navigate to the network protection setup:

[eitanc 2]

Cool, so you should add this info to the mentioned KB article