- Do not utilize Intrusion Prevention in the parent partition.
- Utilize Intrusion Prevention in the parent partition, but utilize the Firewall policy assigned to the Agent in the parent partition to bypass incoming and outgoing traffic for the IPs of the VMs being hosted. This can be accomplished through the use of two Bypass rules - one for incoming and one for outgoing - that operate on the destination IP range of guests for incoming traffic, and the source IP range of guests for outgoing traffic. The use of Bypass skips the Intrusion Prevention rule processing, thus preventing duplicate inspection of the traffic in both the parent partition and guest virtual machine.
Need More Help?
Create a technical support case if you need further support.
Deployment recommendations for Deep Security on Microsoft Hyper-V
Thank you for your feedback!