An easy approach to creating exceptions is to place agents in Adaptive mode, and allow the agents to automatically create client exception rules to allow non-malicious behavior. All client rules appear on the Client Rules tab of the IPS Rules policy. The Firewall Rules and the Application Blocking Rules policies also display client rules created through Adaptive or Learn mode.
To obtain the most frequently generated rules, use the aggregated view of client rules, which group similar rules. The rules could then be moved to administrative policies.
For details on working with client rules, see: