Chapter 11. Signature Configuration

Upon completion of this chapter, you will be able to perform the following tasks:

  • Identify the major sensor system variables

  • Configure the sensor system variables

  • Identify signature groups

  • Explain event filters

  • Configure event filters

  • Tune existing signatures

  • Explain custom signatures

  • Identify steps involved in creating custom signatures

  • Create custom signatures

To minimize false positives, Cisco IDS uses various signature engines that enable you to tune signatures to your unique network environment. These signature engines use various parameters to define the behavior of the signatures, enabling you to easily create custom signatures especially suited for your own network architecture or tweak existing signatures to ...

Get CCSP Self-Study: Cisco Secure Intrusion Detection System (CSIDS) now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.