It may be possible that the configuration modification made in the IDSMC was not pushed to the sensor, or the push of the configuration to the sensor has failed.
If you are still receiving 2100 alarms from the sensor then ssh to the sensor and type of the following commands:
configure terminal
service virtual-sensor-configuration virtualSensor
tune-micro-engines
sweep.host.icmp
signatures SIGID 2100
show settings
Look at the setting for the Enabled parameter:
Enabled: True
If it is set to True then the configuration change to Disable the signature did not get properly pushed to the sensor.
If it is set to False then the configuration change to Disable the signature did get pushed to the sensor. If Enabled is set to False, but the sensor continues to generate 2100 alarms then contact the TAC.
NOTE: If instead of Disabling the signature you meant that the signature was Filtered through IDS MC then could be that the generated alarms are not being properly matched by the created filter.
This often happens when enough of the alarms are firing to cause the alarm to go into Global Summary Mode where the IP Addresses are being replaced with 0.0.0.0 and will not match the filters you had created. In these scenarios it is best to Disable the signature, or configure the signature with the highest possible ChokeThreshold to prevent it from going into Global Summary mode.
I would need to see the actual alarms being created and the output from the following commands on the sensor to determine what is happening:
configure terminal
service alarm-channel-configuration virtualAlarm
tune-alarm-channel
show settings