Need help for buy a cisco ips

solaris249 · ‎10-15-2008

i want to buy a cisco ips but i want to get answers of my questions before certain decide for buy it.

i want to know how many rule currently exist in cisco ips signature database?

and can i write my own rule and add to cisco ips device(such as Snort)?

abinjola · ‎10-15-2008

yes you may create your own signature using (Customer signature Wizard) , there are around 60000 default signatures approx

Farrukh Haroon · ‎10-15-2008

Are you sure about that figure? I would expect something like 3000 signatures.

And yes you can create your own signatures, clone/modify existing signatures. There is even a wizard which lets you do this.

Regards

Farrukh

solaris249 · ‎10-15-2008

is around 60000 or 3000?

these are very different.

an important thing of an intrusion system

is number of rule that supported and the status of rule update engine.for example in snort we have currently around 15000 rules and update around 100 rules per month.i want to know about update support and number of cisco ips rules that currently exist.is any related link that published from cisco systems?

thanks.

abinjola · ‎10-16-2008

hey Folks...did I say 60000..my bad..what I meants was the Customer Signature ID for Custom Signatures starts with 60000 and onwards...

There are 1000 default built in Signatures in latest version IPS 6.x

http://www.cisco.com/en/US/docs/security/ips/6.0/configuration/guide/cli/cliSgDef.html

hope it helps !