Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
531
Views
0
Helpful
1
Replies

IME signatures

kope
Level 1
Level 1

‎04-30-2013 01:03 PM - edited ‎03-10-2019 05:57 AM

I noticed my IME has about 6290 signatures available; but I also notices there are only about 3500 signatures enabled; others are not checked.

I believed they are by default for a brand new IPS. Do anyone know why the rest half of those signatures are not enabled? It seems to me that they should all enabled. Is there any performane issue if I enable them all? Just want to check if anyone sees this and like to get an opinion on this.

Thanks,

Labels:
0 Helpful
1 Reply 1

_____Adam
Level 1
Level 1

‎05-01-2013 08:32 AM

The IPS comes preconfigured with a recommended signature set.  The other signatures are not enabled for various reasons.  They may be for very old vulnerabilities, have benign triggers that require manual filtering, or have performance impact.

It is not recommended that you enable them all due to performance.  But if there are particular vulnerabilities you are seeking protection for, you can enable individual sigs without any major performance impact.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card