CSM signature policy creation

Unanswered Question
Jun 22nd, 2007

As I said in my previous post today, we are evaluating CSM for 50 IDS/IPS 4000/IDSM sensors. Questions about policy management:

Can I take the default policy, modify signatures and deploy it down to the sensor?

Or, do I have to clone every signature in the default policy, and create a new policy and then deploy it?

When you add a device into the CSM that already has a local policy, it appears the signatures are read-only. How would I change the settings, example, add a logging parameter and then re-deploy?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion