Fortinet black logo

Online Help

Allowlist Configuration

Copy Link
Copy Doc ID cf00dcb1-0886-11ed-bb32-fa163e15d75b:364420

Allowlist Configuration

Allowlist enables users to create IP allow lists to prevent application system internal IPs from triggering suspicious movement policies, thus eliminating false positive alerts.

There are two steps involved in creating allow lists for internal IPs. The targeted IPs needed to be created in IP collection first in order to create white lists for the internal IPs.

Create IP Collection

  1. Go to POLICIES > Collection.
  2. Click on +Create New button in IP Collection.
  3. In IP Collection Name field, give a name to the Collection IP. For example, "John IP".
  4. Fill in the IP address. For Example, enter "73.63.218.XX", click Mask or End IP drop down menu and select Mask, then fill in "24".
  5. Click +Add New to add more IP addresses. (Optional)
  6. Click on Create New IP Collection to complete adding the new IP Collection.

Create Allowlist

  1. Go to POLICIES > Threat Detection > Allowlist tab.
  2. Click +Create New.
  3. Fill in a name in Allolist Name.
  4. Click Associate with IP Collection drop down menu select the IP Collection created earlier.
  5. Click Associate with Applicable Policy drop down menu to select a policy, e.g. suspicious movement policy will mark the IP collection as IPs that will not be triggered by the policy.
  6. Click Create New Allowlist button to complete adding the Allow list.

Allowlist Configuration

Allowlist enables users to create IP allow lists to prevent application system internal IPs from triggering suspicious movement policies, thus eliminating false positive alerts.

There are two steps involved in creating allow lists for internal IPs. The targeted IPs needed to be created in IP collection first in order to create white lists for the internal IPs.

Create IP Collection

  1. Go to POLICIES > Collection.
  2. Click on +Create New button in IP Collection.
  3. In IP Collection Name field, give a name to the Collection IP. For example, "John IP".
  4. Fill in the IP address. For Example, enter "73.63.218.XX", click Mask or End IP drop down menu and select Mask, then fill in "24".
  5. Click +Add New to add more IP addresses. (Optional)
  6. Click on Create New IP Collection to complete adding the new IP Collection.

Create Allowlist

  1. Go to POLICIES > Threat Detection > Allowlist tab.
  2. Click +Create New.
  3. Fill in a name in Allolist Name.
  4. Click Associate with IP Collection drop down menu select the IP Collection created earlier.
  5. Click Associate with Applicable Policy drop down menu to select a policy, e.g. suspicious movement policy will mark the IP collection as IPs that will not be triggered by the policy.
  6. Click Create New Allowlist button to complete adding the Allow list.