Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

IPS Signature

Hi,

I am having Cisco 4255 IPS in my office. Nowadays, for protecting against WannaCry, it is recommended to list of signatures into the IPS. I am having the list of signatures available. So please guide me to put the same into the IPS...?

Regards,

Manoj Rajan 

1 REPLY
Hall of Fame Super Silver

Moved discussion to Security

Moved discussion to Security > IPS forum for correct placement.

The "wannacry" ransomware is an exploit which is addressed in Cisco IPS Signature file 982, as noted in this Cisco security response bulletin:

https://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20170515?vs_f=Cisco%20Security%20Response&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=MS17-010%20(Ransomware%20WannaCry)%20Impact%20to%20Cisco%20Products&vs_k=1.

To update your IPS 4255 appliance you require a current subscription / support contract. With that, you can download the signature and install it on the IPS using cli, Cisco IPS Device Manager (IDM), IPS Manager Express (IME) or Cisco Security Manager (CSM).

The download can be found here:

https://software.cisco.com/download/release.html?mdfid=286129615&flowid=49062&softwareid=282549755&release=S982&relind=AVAILABLE&rellifecycle=&reltype=latest

Additional details for installation are in the readme file included on the signature file download page:

http://www.cisco.com/web/software/282549755/138269/IPS-sig-S982.readme.txt

170
Views
0
Helpful
1
Replies
CreatePlease to create content