10-15-2008 04:27 AM - edited 03-10-2019 04:19 AM
i want to buy a cisco ips but i want to get answers of my questions before certain decide for buy it.
i want to know how many rule currently exist in cisco ips signature database?
and can i write my own rule and add to cisco ips device(such as Snort)?
10-15-2008 04:57 AM
yes you may create your own signature using (Customer signature Wizard) , there are around 60000 default signatures approx
10-15-2008 10:41 AM
Are you sure about that figure? I would expect something like 3000 signatures.
And yes you can create your own signatures, clone/modify existing signatures. There is even a wizard which lets you do this.
Regards
Farrukh
10-15-2008 12:28 PM
is around 60000 or 3000?
these are very different.
an important thing of an intrusion system
is number of rule that supported and the status of rule update engine.for example in snort we have currently around 15000 rules and update around 100 rules per month.i want to know about update support and number of cisco ips rules that currently exist.is any related link that published from cisco systems?
thanks.
10-16-2008 10:17 AM
hey Folks...did I say 60000..my bad..what I meants was the Customer Signature ID for Custom Signatures starts with 60000 and onwards...
There are 1000 default built in Signatures in latest version IPS 6.x
http://www.cisco.com/en/US/docs/security/ips/6.0/configuration/guide/cli/cliSgDef.html
hope it helps !
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: