Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
333
Views
0
Helpful
3
Replies

VMS Suggestion - Custom Sigs and Sig Upgrades

james.e.mcwilliams
Level 1
Level 1

‎09-25-2003 03:58 PM - edited ‎03-09-2019 04:55 AM

- In VMS when you upgrade the Sigs if you have done any modification to a General Signature's Signature Engine. The mods are not save to the upgraded version. It would be nice if changes to a General Sig was saved to your Custom Sigs.

- The other thing is for Custom Sigs if I am managing 100(s) of sensors and add a Custom Sig to a sensor it only does it for that 1 sensor. I have to build another sig to all the sensors manually if I do not want to corrupt my other Custom/General Sigs on my other devices.

Labels:
0 Helpful
3 Replies 3

nikhil_m
Level 1
Level 1

‎10-01-2003 07:08 AM

For your second question, that is how it should work

0 Helpful

picketfence
Level 1
Level 1

‎10-03-2003 05:53 AM

We conquer your distrubution problem by having two sensors: a 3.X and a 4.X that sit unplugged from sniffing. They act strictly as "distribution" sensors and we tune sigs from there, then copy them to corresponding sites. This seems to work pretty well.

Cheers,

Ben

0 Helpful

ishah
Level 1
Level 1
In response to picketfence

‎10-06-2003 01:20 AM

Hi,

Can you not do the same by just have a couple of dummy sensor definitions in VMS and copy the configs out from there ?

I suspect you have the actual sensors to test the signatures too ?

0 Helpful
Customers Also Viewed These Support Documents