https://community.cisco.com/t5/network-security/ips-signatures-info/m-p/1342832#M76743 <P>Hi,</P><P></P><P>I've recently installed AIP-SSM-20 in the ASA, I need to know the following info.</P><P></P><P>1. Is keeping the latest sig.def file (Sig.420) with default actions, will be sufficient for the protection?</P><P></P><P>2. If I change any one signature behavior, what will happen when Sensor is updated with new sig def file? The signature which is modified will present or it will be over written?</P><P></P><P>Thanks in adv.</P><P></P><P>BR</P> Sun, 10 Mar 2019 11:42:11 GMT aijaz802 2019-03-10T11:42:11Z https://community.cisco.com/t5/network-security/ips-signatures-info/m-p/1342832#M76743 <P>Hi,</P><P></P><P>I've recently installed AIP-SSM-20 in the ASA, I need to know the following info.</P><P></P><P>1. Is keeping the latest sig.def file (Sig.420) with default actions, will be sufficient for the protection?</P><P></P><P>2. If I change any one signature behavior, what will happen when Sensor is updated with new sig def file? The signature which is modified will present or it will be over written?</P><P></P><P>Thanks in adv.</P><P></P><P>BR</P> Sun, 10 Mar 2019 11:42:11 GMT https://community.cisco.com/t5/network-security/ips-signatures-info/m-p/1342832#M76743 aijaz802 2019-03-10T11:42:11Z https://community.cisco.com/t5/network-security/ips-signatures-info/m-p/1342833#M76744 <HTML><HEAD></HEAD><BODY><P>The most current signature release is S413, released 7/13/09. That is your best starting point for coverage. Anaysis and tuning of your signatures over time will improve your ability to detect and react to intrusions.</P><P>Once you modify (tune) a signature, new OS and signature versions should not overwrite your settings. (rarely they do, but that is considered a bug and we yell about those things)</P></BODY></HTML> Wed, 15 Jul 2009 14:06:08 GMT https://community.cisco.com/t5/network-security/ips-signatures-info/m-p/1342833#M76744 rhermes 2009-07-15T14:06:08Z