We use Symantec Endpoint Protection v11.
We are attempting to perform employee Phishing testing via Core Impact as follows:
1. Test Phishing emails are initiated from Core Impact, to select employees.
2. Once an employee clicks an embedded hyperlink (which resolves to "
http://<Core Impact Device's IP Address/..."), they are redirected back through the Core Impact device (all behind the firewall) to a designated URL (e.g.
www.Google.com or an Intranet page).
3. Core impact notes which employee(s) click the link.
The issue I'm seeing is that, in doing its job, Symantec is blocking step #2 at the clients.
We've found that, by temporarily disabling "Network Threat Protection" on a client workstation, everything works correctly
How can I create an exclusion (or whitelist) to state that access to "
http://<Core Impact Device's IP Address/...") is allowed?
Thank you