Chapter 11. Signature Configuration

Upon completion of this chapter, you will be able to perform the following tasks:

Identify the major sensor system variables
Configure the sensor system variables
Identify signature groups
Explain event filters
Configure event filters
Tune existing signatures
Explain custom signatures
Identify steps involved in creating custom signatures
Create custom signatures

To minimize false positives, Cisco IDS uses various signature engines that enable you to tune signatures to your unique network environment. These signature engines use various parameters to define the behavior of the signatures, enabling you to easily create custom signatures especially suited for your own network architecture or tweak existing signatures to ...

Get CCSP Self-Study: Cisco Secure Intrusion Detection System (CSIDS) now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

CCSP Self-Study: Cisco Secure Intrusion Detection System (CSIDS) by Earl Carter

Chapter 11. Signature Configuration

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly