Deep Security 11 has reached end of support. Use the version selector (above) to see more recent versions of the Help Center.
Allow trusted traffic to bypass the firewall
You can set up Deep Security to allow trusted traffic to bypass the firewall.
To configure this, the basic steps are as follows:
- Create a new IP list of trusted traffic sources
- Create incoming and outbound firewall rules for trusted traffic using the IP list
- Assign the firewall rules to a policy used by computers that trusted traffic flows through
After the firewall rules have been assigned to a policy, Deep Security will allow traffic from trusted sources in the IP list and will not scan the traffic for stateful issues or vulnerabilities.
Create a new IP list of trusted traffic sources
- Click Policies.
- In the left pane, click Lists > IP Lists.
- Click New > New IP List.
- Enter a name for the IP list.
- Paste the IP addresses for your trusted sources into the IP(s) box, one per line.
- Click OK.
Create incoming and outbound firewall rules for trusted traffic using the IP list
- Click Policies.
- In the left pane, click Rules.
- Click Firewall Rules > New > New Firewall Rule.
- Create a firewall rule for incoming trusted traffic using the values in the below:
Name: source name Traffic - Incoming Action: Bypass Protocol: Any Packet Source: IP List (select the IP list created above) - Create a firewall rule for outgoing trusted traffic using the values in the below:
Name: source name Traffic - Outgoing Action: Bypass Protocol: Any Packet Destination: IP List (select the IP list created above)
Assign the firewall rules to a policy used by computers that trusted traffic flows through
- Click Policies.
- In the left pane, click Policies.
- Double-click a policy to open its properties window.
- In the left pane of the policy's properties window, click Firewall.
- Click Assign/Unassign.
- Ensure your view at the top left shows All firewall rules.
- Use the search window to find the rules you created and select them.
- Click OK.
- Repeat the steps above for each computer that trusted traffic flows through.