I am looking for some recommended settings or pointers for what to enable on an Internet facing edge router (ISR). Currently the defaults have pretty much been accepted with regards to the IPS setup. The router was configured initially from the CLI and I am happy with this part, but all the IPS stuff was configured from SDM. At the moment it just reports for the 338 default enabled Signatures, however it can be configured to react (drop or reset connections). I am just looking for some recommendations or pointers as to what should be enabled.
I have noticed a performance hit with IPS enabled but nothing too bad, the main bottleneck is the ISP link.