O'Reilly logo

CCNP Security IPS 642-627 Quick Reference, Second Edition by Gary Halleen, Michael Watkins

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 3. Cisco Intrusion Detection and Prevention Signatures

Configuring Signatures and Alerts

Signatures are the foundation of an intrusion prevention system (IPS). This chapter shows you how to tune and configure signatures to control how the sensor behaves. There are default signatures, tuned signatures (default signatures that you have modified), and your own custom signatures. Most built-in signatures generate an alert when fired.

Event actions can be defined either per signature, or as part of an event action override policy. When possible, it is simpler to manage using the policy.

Frequent configuration tasks include enabling or disabling signatures and defining the actions that should occur upon firing.

To access the signatures for ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required