Filter Exceptions (specific): Allows traffic that would normally trigger a filter to pass between specific addresses or address ranges without triggering the filter. Configured from the Filter Edit page, these exceptions apply only to the filter where they were configured.
Limit Filter to IP Addresses (global): Only apply filters to traffic between specified source and destination IP address pairs. You can configure IP address limits that apply to all the following filter types: Application Protection, Traffic Normalization, and Network Equipment Protection filters. You can configure separate limits that apply only to Performance Protection filters.
Exceptions (global): Exclude traffic between specified source and destination IP address pairs. You can configure exceptions for the following filter types: Application Protection, Traffic Normalization, Network Equipment Protection, and Performance Protection filters. These exceptions are global for all specified filters.
How To: Configure Global IP Address Limits and Exceptions
1. From the LSM menu, click IPS > Security Profiles.
2. On the Security Profiles page, click on the name of the security profile that you want to edit.
3. In the Limits/Exceptions section, add IP addresses to Application Protection Filter Exclusives, Application Protection Filter Exceptions, and Performance Protection Filter Exclusives:
a. Enter the Source Address. Source and Destination IP Addresses can be entered in CIDR format, as "any", or as *.
b. Enter the Destination Address.
c. Click Add to table below.
d. Repeat this process for each IP address exception required.
4. Click Apply.
How To: Delete a Global Limit/Exception Setting
1. From the LSM menu, click IPS > Security Profiles.
2. On the Security Profiles page, click on the name of the security profile that you want to edit.
3. In the Limits/Exceptions section, review the global limit and exception address entries.
4. Click Delete to delete an entry.
5. Click Apply.
Reference: Local Security Manager User's Guide
