Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
517
Views
0
Helpful
2
Replies

signature recommendations for ASA-SSM-10

tguadagno
Level 1
Level 1

‎03-19-2015 06:00 AM - edited ‎03-10-2019 06:20 AM

hi, I was wondering if anyone has recommendations on what sigs to enable on the ASA-SSM-10.......I know.... to a certain extent, 'it depends'  on your individual environment.  But I think it must be the case that there are some disabled sigs that are good to enable..right?  I was hoping to tap into the 'group mind' on what works well.

 

Also, why not enable all?  I am assuming the ASA-SSM-10 probably cannot keep up with that level of inspection??

 

 

thanks in advance

Labels:
0 Helpful
2 Replies 2

androdri
Level 1
Level 1

‎03-22-2015 07:49 AM

The signature configuration on the ssm-10 has been configured for performance and coverage, you can enable more signature, but like you mention it depends on individual environments and what your needs are.  Please do not enable all signature as this will cause issues with IPS detection.

0 Helpful

tguadagno
Level 1
Level 1
In response to androdri

‎03-23-2015 11:56 AM

androdri,

  Thanks for your reply.  I have some followup questions.

 

1.  I noticed that any signature that is disabled is listed as retired....does retired mean disabled or something else (like not needed any more).

2.  it seems like most of the malware sigs are disabled, i would think that if you are in a user environment, you would want those on, is there an example of a situation that you would not want them on....how do you know if you have a problem if you don't look.

 

thanks

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card