Possible to "whitelist", IPs so that internal docker-docker communication is not stopped?

Joakim Karlen · April 2023

Hello!

General question that I have not (yet) found any answers to in the documentation.

Situation:

I have a Linux server with some docker containers on it. They have server internal IPs and for some reason, API-calls in between them are regarded as lateral movement by Gravity Zone so calls are quite randomly blocked by Bitdefender.

Is there any way to whitelist communications from certain IPs so order to avoid internal communciations to be regarded as suspect by the product? Right now I have updated the policy on the server and switched off the "Lateral Movement", "Discovery" and "Crimeware" options under Network Protection/Network Attacks, but I would really want to find a config that works instead.

All ideas on how to solve any of this is very appreciated.

/Joakim

Joakim Karlen · April 2023

Some clarification, the server is a VM, in a DMZ, heavily hardened (basically only listening on https ports and with a firewall that only let https in through it, so It should be dead easy for Bitdefender to identify external from internal traffic.

Gjoksi · April 2023

Hello.

Since you need help with business product, @Alex_Dr or @Andra_B (they both provide support for business products) could take a look here and help you with the issue.

Also, you can always contact the Bitdefender business support:

https://www.bitdefender.com/business/support/en/71263-85158-contact.html

Regards.

Alex_Dr · May 2023

Hello @Joakim Karlen,

I do apologize for the late reply.

I have you tried following the steps in the below article to whitelist IPs? (Exclusions in Network Protection) -> https://www.bitdefender.com/business/support/en/77209-88324-network-protection-configuration.html

I await your reply,

Alex D.

Possible to "whitelist", IPs so that internal docker-docker communication is not stopped?

Answers

All Time Leaders

Categories

Defenders of the month