https://community.cisco.com/t5/network-security/sig0/m-p/2127301#M54408 <P>hello</P><P></P><P>i am using the IPS module (ASA-SSM-10) in the cisco firewall ASA5510 with the default signature :sig0</P><P>i noted that some DDoS and Virus/worms/trojans are not activated by default in sig0</P><P>i wonder why? i think they are high risk issues. and is it a best practice to enable them?</P><P></P><P>thanks</P> Sun, 10 Mar 2019 12:49:24 GMT ohassairi 2019-03-10T12:49:24Z https://community.cisco.com/t5/network-security/sig0/m-p/2127301#M54408 <P>hello</P><P></P><P>i am using the IPS module (ASA-SSM-10) in the cisco firewall ASA5510 with the default signature :sig0</P><P>i noted that some DDoS and Virus/worms/trojans are not activated by default in sig0</P><P>i wonder why? i think they are high risk issues. and is it a best practice to enable them?</P><P></P><P>thanks</P> Sun, 10 Mar 2019 12:49:24 GMT https://community.cisco.com/t5/network-security/sig0/m-p/2127301#M54408 ohassairi 2019-03-10T12:49:24Z https://community.cisco.com/t5/network-security/sig0/m-p/2127302#M54409 <HTML><HEAD></HEAD><BODY><P>The signatures are basically sent to the customer in a default or base state. If you feel that you need to enable those signatures, then by all means, go ahead. That is why they are there. It is not a 'one size fits all' out of the box database configuration.</P><P></P><P>You, as a user, have the choice to enable them or disable them. It depends on your environment as to how you wish to implement. Tweak the signatures where you feel they need tweaking. </P></BODY></HTML> Wed, 14 Nov 2012 15:58:23 GMT https://community.cisco.com/t5/network-security/sig0/m-p/2127302#M54409 turnera 2012-11-14T15:58:23Z