Configuring the Login Whitelist

You can configure the IP addresses of destination servers, login IP addresses, login usernames, and user behaviors in the whitelist.

If the destination server IP address, login IP address, and username of a login are all whitelisted, this login will be allowed without checking.
After an IP address is added to a whitelist by following the instructions in Adding Login Information to the Login Whitelist, the alarms (if any) that have been generated for the IP address will not be automatically cleared. Handle the alarms by referring to Viewing Intrusion Alarms.

You can add login information to the login whitelist in the following ways:

Add it to the whitelist when handling false alarms of the Brute-force attack and Abnormal login types. For details, see Viewing Intrusion Alarms.
Add it to the login whitelist on the Login Whitelist tab.

Any of the premium, WTP, or CGS editions must be enabled.

Log in to the management console.
In the upper left corner of the page, click , select a region, and choose Security > Host Security Service.
Choose Detection > Whitelists > Login Whitelist to access the Whitelists page, and click Add.

On the displayed page, enter the server IP address, login IP address, and login username.

**Table 1** Login security whitelist parameters
Parameter	Description	Example Value
Server IP Address	IPv4 addresses are supported Single IP addresses, IP address segments, and masks are supported. Use commas (,) to separate them.	192.168.1.1 192.168.2.1-192.168.6.1 192.168.7.0/24
Login IP Address		192.168.1.1 192.168.2.1-192.168.6.1 192.168.7.0/24
Login Username	Current login username	hss_test