Promotional banner image

Upgrade for Free

Cybercrime is evolving. So is your protection. *Offer for existing members for the remainder of your subscription. Terms apply.

Applicable for: Mac

Learn more about Norton Intrusion Prevention on Mac

Intrusion Prevention protects you from attacks when you are online. It scans network traffic for attack signatures, such as social threats and outbound attacks that identify attempts to exploit vulnerabilities in your operating system or a program you use. To keep you secure, Intrusion Prevention discards packets from computers that try to send data with known attack signatures. It blocks connections to those computers.

Intrusion Prevention does the following automatically:

  • Helps block internet attacks aimed at taking advantage of vulnerable programs.

  • Helps prevent your Mac from connecting to infected computers.

  • Helps prevent your Mac from connecting to unsafe IP addresses.

Manage Norton Intrusion Prevention settings on Mac

Default settings are recommended for most users. If you want to turn off a feature temporarily, turn it on as soon as possible.

To change Intrusion Prevention settings:

  1. Open your Norton device security product.

  2. On the left pane, click Security.

  3. In the Security dashboard, click Intrusion Prevention.

  4. In the Settings tab, enable or disable the slider next to each setting to specify your preferred options:

    • Intrusion Signatures: Scans network traffic for attack signatures, discards packets from attackers, and blocks connections to them.

    • Remote Access Protection: Helps prevent your Mac from connecting to unsafe IP addresses.

      When Intrusion Signatures and Remote Access Protection are turned off, your Mac is not adequately protected from Internet threats and security risks. It is always recommended to keep both features turned on.

  5. If you want to view the list of suspicious remote connection attempts to your Mac, in the Intrusion Prevention window, click the Blocked connections tab.

Exclude an attack signature or a URL from Norton Intrusion Prevention scans on Mac

You can choose whether you want to protect your Mac from all the attack signatures or only from the selected signatures. In some cases, benign network activity can appear to be like an attack signature. You might receive repeated notifications about possible attacks. If you know that the attacks that trigger these notifications are safe, you can create an exclusion list for the signature that matches the benign activity.

  1. Open your Norton device security product.

  2. On the left pane, click Security.

  3. In the Security dashboard, click Intrusion Prevention.

  4. Click the Exclusions tab and click Add exclusion.

  5. In the Exclusion text box, enter a trusted IP address or URL you want to exclude from the Intrusion Prevention scans.

  6. Select whether you need to apply it for Intrusion Signature and Remote Access Protection, then click Add exclusion.

  7. If prompted, enter your Mac administrator password and click OK.

  8. If you want to remove an exclusion, in the Exclusions window, hover your cursor over the relevant exclusion file and then click Remove (the remove icon).

DocID: v20240116193358489
Last modified: 07/18/2025

Was this article helpful?

Need more help?

Download
Manage my account
Buy & renew
Contact us
Community
Support scams
Norton rescue tools
Think you have virus?
Problem launching on Windows