Could anyone please help. I recently installed a PIX 5520 with AIP-SSM-10. I can manage the sensor just fine and am using "configuring Cisco IPS using CLI 6.0" as a reference. I recently downloaded new signatures as sig1 on my sensor. when I enable the sensors and put them in non-blocking mode after an hour they are blocking half of my users to the INternet. How do I fine-tune the 50K new signatures? Are there any really good examples and references you might know about?