Network Attack Alert! notification during scanning through vulnerability scanner

[Faizan Siddiuqi 1]

Hi, 

we have Vulnerability scanner  installed on a system where ESET endpoint antivirus also installed, but when we run the scan lot of detections appeared in  Detection tab and it sent Network attack Alert notification. 

so my question is can we add the  scanner system as an exception in this detection rule??

[Marcos 5,074]

You can temporarily disable Network attack protection before running a vulnerability scan:

[Faizan Siddiuqi 1]

ok, but can't we put this in exception?

 

[Marcos 5,074]

You can create temporary exceptions but temporarily disabling NAP is much easier and quicker since you need to disable it only for a short time.

[Faizan Siddiuqi 1]

Can we add it in IDS rule? 

[Marcos 5,074]

There are many attacks that are detected by NAP. Why do you prefer creating numerous exceptions that you would remove after running a vulnerability scan?

[Faizan Siddiuqi 1]

Actually we run scanner after every 15 days, we dn't want to enable or disable NAP manually every time. 

[Marcos 5,074]

You can create IDS exceptions only for "attacks" from the IP of the machine on which the vulnerability scan is run.

[Faizan Siddiuqi 1]

Thanks Marcos!