A whitelist policy allows you to define a list of IP addresses allowed to communicate with hosts in the Alert Logic Threat Manager protected network. Whitelists help ensure you do not use resources monitoring permitted communication.
Applying a Whitelist Policy to an Agent
Once a whitelist policy is created, the whitelist policy must be assigned to an assignment policy/appliance. The assignment policy then applies the whitelist policy to the agents with that particular assignment policy, and therefore will stop the agent sending the traffic to the appliance.
For procedures on creating a whitelist policy and assigning the policy to an appliance, refer to our Whitelist policies documentation.
Applying a Whitelist Policy to a Span Port/Network
Once a whitelist policy is created, the whitelist policy must be added to a monitoring policy. With this set up, the traffic is dropped when received via a span port and therefore will not be sent to the appliance.
For a procedure on creating a whitelist policy, refer to Create a whitelist policy.
For a procedure on creating a monitoring policy, refer to Create a monitoring policy. Step 7 in the procedure describes how to assign a whitelist policy to the monitoring policy.
For more information about whitelist policies and other Threat Manager policies, refer to our Threat Manager Policies documentation.