Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
468
Views
0
Helpful
1
Replies

IME signatures

kope
Beginner
Beginner

‎04-30-2013 01:03 PM - edited ‎03-10-2019 05:57 AM

I noticed my IME has about 6290 signatures available; but I also notices there are only about 3500 signatures enabled; others are not checked.

I believed they are by default for a brand new IPS. Do anyone know why the rest half of those signatures are not enabled? It seems to me that they should all enabled. Is there any performane issue if I enable them all? Just want to check if anyone sees this and like to get an opinion on this.

Thanks,

Labels:
0 Helpful
1 Reply 1

_____Adam
Beginner
Beginner

‎05-01-2013 08:32 AM

The IPS comes preconfigured with a recommended signature set.  The other signatures are not enabled for various reasons.  They may be for very old vulnerabilities, have benign triggers that require manual filtering, or have performance impact.

It is not recommended that you enable them all due to performance.  But if there are particular vulnerabilities you are seeking protection for, you can enable individual sigs without any major performance impact.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers
Spotlight Award Nomination
Customers Also Viewed These Support Documents