Allow trusted traffic to bypass the firewall
You can set up Deep Security to allow trusted traffic to bypass the firewall.
To configure this, the basic steps are as follows:
- Create a new IP list of trusted traffic sources
- Create incoming and outbound firewall rules for trusted traffic using the IP list
- Assign the firewall rules to a policy used by computers that trusted traffic flows through
After the firewall rules have been assigned to a policy, Deep Security will allow traffic from trusted sources in the IP list and will not scan the traffic for stateful issues or vulnerabilities.
Create a new IP list of trusted traffic sources
- Click Policies.
- In the left pane, click Lists > IP Lists.
- Click New > New IP List.
- Enter a name for the IP list.
- Paste the IP addresses for your trusted sources into the IP(s) box, one per line.
- Click OK.
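Because bypassed traffic is not scanned for stateful issues or vulnerabilities, every entry in this list widens what goes uninspected, so it is worth checking the list before pasting it. The following Python check is an added example, not part of the Deep Security documentation or product: it flags malformed, duplicate, overly broad, or non-unicast entries. The function name, the prefix-length thresholds, and the sample addresses are assumptions, and it parses only single addresses and CIDR blocks.

```python
import ipaddress

# Assumed policy thresholds (not Deep Security settings): the shortest prefix
# still considered narrow enough to exempt from firewall inspection.
MIN_PREFIX = {4: 24, 6: 64}

def audit_trusted_list(text):
    """Split a one-entry-per-line IP list into accepted entries and findings."""
    accepted, findings, seen = [], [], set()
    for lineno, raw in enumerate(text.splitlines(), 1):
        entry = raw.strip()
        if not entry:
            continue
        try:
            # strict=True rejects CIDR blocks with host bits set (10.0.0.5/24).
            net = ipaddress.ip_network(entry, strict=True)
        except ValueError:
            findings.append((lineno, entry, "not a valid address or CIDR block"))
            continue
        if net in seen:
            findings.append((lineno, entry, "duplicate entry"))
        elif net.prefixlen < MIN_PREFIX[net.version]:
            findings.append((lineno, entry, "too broad to bypass inspection"))
        elif net.is_loopback or net.is_multicast or net.is_unspecified:
            findings.append((lineno, entry, "not a unicast traffic source"))
        else:
            accepted.append(entry)
        seen.add(net)
    return accepted, findings

# Constructed sample input, one entry per line as the IP(s) box expects.
SAMPLE = """\
203.0.113.10
198.51.100.0/28
10.0.0.0/8
0.0.0.0/0
203.0.113.10
192.0.2.300
2001:db8::/32
2001:db8:1::5
127.0.0.1
"""

if __name__ == "__main__":
    ok, problems = audit_trusted_list(SAMPLE)
    print("Paste into the IP(s) box:", *ok, sep="\n  ")
    for lineno, entry, reason in problems:
        print(f"line {lineno}: {entry}: {reason}")
```

Entries in other notations are reported as findings rather than silently accepted, so review those by hand.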
Create incoming and outbound firewall rules for trusted traffic using the IP list
- Click Policies.
- In the left pane, click Rules.
- Click Firewall Rules > New > New Firewall Rule.
- Create a firewall rule for incoming trusted traffic using the values below:
  Name: source name Traffic - Incoming
  Action: Bypass
  Protocol: Any
  Packet Source: IP List (select the IP list created above)
- Create a firewall rule for outgoing trusted traffic using the values below:
  Name: source name Traffic - Outgoing
  Action: Bypass
  Protocol: Any
  Packet Destination: IP List (select the IP list created above)
Assign the firewall rules to a policy used by computers that trusted traffic flows through
- Click Policies.
- In the left pane, click Policies.
- Double-click a policy to open its properties window.
- In the left pane of the policy's properties window, click Firewall.
- Click Assign/Unassign.
- Ensure your view at the top left shows All firewall rules.
- Use the search window to find the rules you created and select them.
- Click OK.
- Repeat the steps above for each computer that trusted traffic flows through.