IOS-based IDS is very limited in its features. You can't add your own signatures. The sigs are inbuilt within the IOS code, so no modifications can be made or new ones added.
Up till 12.2(15)T it only had 59 signatures, in this release we came out with an additional 42 sigs making the current total 101. This is still far short of the 900-odd a true IDS sensor will look for, but basically the router CPU just isn't built to compare so many packets with so many signatures.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...