Selectively disabling threat protection (AMP & IDS/IPS) with group policy

SOLVED
Here to help

Hi All,

 

It looks like it's possible to disable Advanced Malware Protection (i.e. HTTP file download inspection) at a group policy level, but not Intrusion detection and prevention (SNORT) - does anyone know if it's possible to do this somehow?

 

Use case is a firewall with lots of guest internet users connected to one subnet that we're not interested in protecting, but we are interested in protecting admin users on a separate subnet.

 

 

Thanks,

 

Jonathan

1 ACCEPTED SOLUTION

Meraki Employee

Re: Selectively disabling threat protection (AMP & IDS/IPS) with group policy

The group policy is able to override AMP setting but not IDS / IPS.

There is no exclusion of IDS / IPS for a particular subnet or IP address available at this moment.

 

IDP / IPS works between LAN port and Internet ports, and also between VLANs (Subnets).

Thus, the setting is enabled / disabled network-wide for detection / prevention to work for securing the entire network.


2 REPLIES
Getting noticed

Re: Selectively disabling threat protection (AMP & IDS/IPS) with group policy

I believe you can apply a certain policy per subnet; it's on the Addressing and VLAN part of the Meraki
