As far as I can tell there isn't a way to whitelist an IP in the Threat Protection (Snort IPS/IDS). What are you doing when it comes to performing vulnerability scans on your network because of this limitation? Do you have a workaround? I'm only using the MX line of Meraki products.
The only option I can think of is to change the mode from "Prevention" to "Detection" for the duration of the scan. Then at least it wont attempt to stop it - only log it.
Create a group policy and apply it to the clients that will be in the test, schedule it for the days and times for the test as well and disable AMP. I suspect IDS/IPS is disabled when AMP is inactive. Not sure but give this a test. Make a wish to include IPS/IDS controls in the Group Policy options.
I've filled out the 'Make A Wish' for this same reason. I like the idea someone mentioned about using detect instead of prevent, but we have too many networks to do this manually each time.
Get notified when there are additional replies to this discussion.