Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
883
Views
0
Helpful
1
Replies

FireSight recommended signatures

Go to solution
andrew.king
Beginner
Beginner

‎02-27-2017 08:51 AM - edited ‎03-10-2019 06:47 AM

FireSight has a list of signatures that it recommends for disabling. What are the requirements that these signatures meet to be recommended for disabling?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Dennis Perto
Contributor
Contributor

‎02-27-2017 11:56 PM

It really depends on the rule. 

The recommendation is made having these things in mind; Network Analysis Policy, Host Profiles, "Rule overhead", CVSS score, etc..

If the rule does not have a CVSS score the recommendation is always to disable the rule. Try searching for "blacklist" in the rules. This is not my recommendation. 

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Dennis Perto
Contributor
Contributor

‎02-27-2017 11:56 PM

It really depends on the rule. 

The recommendation is made having these things in mind; Network Analysis Policy, Host Profiles, "Rule overhead", CVSS score, etc..

If the rule does not have a CVSS score the recommendation is always to disable the rule. Try searching for "blacklist" in the rules. This is not my recommendation. 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers
Spotlight Award Nomination
Customers Also Viewed These Support Documents