Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
391
Views
0
Helpful
1
Replies

Pre IDS Implementation Check List for Sig Tuning

jimmi1015
Level 1
Level 1

‎11-14-2005 04:30 AM - edited ‎03-10-2019 01:45 AM

Hi Experts,

IDS signature tuning can get quite involved.

To make sure nothing important is overlooked, is there a Check List that can be used?

If not, what are some of the critical items that should be known beforehand?

A couple items are obvious e.g. type of OS's used and what servers must never be blocked. But, I'm sure there's a whole list of things that should be considered.

Any feedback would be greatly appreciated.

Labels:
0 Helpful
1 Reply 1

vkapoor5
Level 5
Level 5

‎11-18-2005 07:37 AM

Knowing the behavior of your network and the applications that you are running is very important before signatures can be tuned. To avoid false positive alarms, you may have to observe your network for a while and tune the signatures until you get the desired result. From my experience, signature tuning is a contnious process and has to be monitored on a regular basis.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card