38-10
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 38 Defining IPS Signatures
Configuring Signatures
Enabling and Disabling Signatures
You can enable and disable individual signatures. Your change takes effect when you redeploy the
configuration to the device.
If a signature is disabled, it appears in the table overlain with hash marks. When you deploy the
configuration, disabled signatures are removed from the device.
Disabling signatures is useful when you want to reduce the number of signatures used by a device, or if
you want to temporarily stop using a custom signature without deleting it. You can later reenable a
signature that you disabled.
Note You can enable a signature that is retired, but it then is not used to scan traffic, because it is not in the
signature micro-engine. If you want a sensor to scan network traffic for a particular signature, you must
enable it and not retire it. The AIP-SSC-5 does not support enabling a signature that is retired.
Step 1 Do one of the following:
(Device view) Select IPS > Signatures > Signatures from the Policy selector.
(Policy view, IPS appliances and service modules) Select IPS > Signatures > Signatures, then
select an existing policy or create a new one.
(Policy view, Cisco IOS IPS devices) Select IPS (Router) > Signatures, then select an existing
policy or create a new one.
The Signature page appears; see Signatures Page, page 38-4.
Deployed Level This column displays the patch level that is currently running on the
selected device.
Major Update Identifies the major update level.
Minor Update Identifies the minor update level.
Service Pack Identifies the service pack level.
Patch Identifies the patch level.
Engine Identifies the engine level.
Signature Update Identifies the signature update level.
Note This field is the only field on this page that applies to the IOS
IPS devices; all of the other fields are exclusive to IPS devices.
Revert button If you mistakenly modify Applied Level, allows you to discard that new
Applied Level; clicking Revert syncs the Applied Level to the
Deployed Level.
Tip A warning dialog appears before performing Revert. Also, a
warning dialog appears asking you to submit the activity.
Table38-3 Update Level Dialog Box (Continued)
Element Description