Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
749
Views
0
Helpful
1
Replies

What are security signatures? How do they help in averting threat?

Go to solution
ranjipremandrewp
Level 1
Level 1

‎05-24-2014 11:03 PM - edited ‎03-10-2019 06:12 AM

What are security signatures? How do they help in averting threat?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rahul Chhabra
Level 1
Level 1

‎11-15-2014 09:45 AM

Hi,

Cisco devices use signature-based technology to detect network intrusions(attacks).
These signatures detect the network intrusion type with the help of its Sensors as they scans network packets while scanning packets they uses their signatures to detect the intrusion type like: denail-of-service attack (DoS).

The Sensor works like virus checking programs. The IPS carries a set of different signatures that sensor uses to with network activity. when a match is found, the sensor will take necessary action like logging or as defined in policies.

We can also modify the signatures according to our need.
To configure a sensor to monitor traffic for a particular signature, you must enable the signature. By default the most critical signatures are enabled. when an attack is detected that matches an enabled signature, the sensor generates an alert.

Cisco IPS contains 10,000 in-built signatures which you can not edit or delete.

Regards,
Rahul Chhabra
Network Engineer
Spooster IT Services

 

 

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Rahul Chhabra
Level 1
Level 1

‎11-15-2014 09:45 AM

Hi,

Cisco devices use signature-based technology to detect network intrusions(attacks).
These signatures detect the network intrusion type with the help of its Sensors as they scans network packets while scanning packets they uses their signatures to detect the intrusion type like: denail-of-service attack (DoS).

The Sensor works like virus checking programs. The IPS carries a set of different signatures that sensor uses to with network activity. when a match is found, the sensor will take necessary action like logging or as defined in policies.

We can also modify the signatures according to our need.
To configure a sensor to monitor traffic for a particular signature, you must enable the signature. By default the most critical signatures are enabled. when an attack is detected that matches an enabled signature, the sensor generates an alert.

Cisco IPS contains 10,000 in-built signatures which you can not edit or delete.

Regards,
Rahul Chhabra
Network Engineer
Spooster IT Services

 

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card