SECUR Exam Cram™ 2 (Exam 642-501)

Disabling and Excluding Signatures

You can disable signatures globally for all networks and hosts or disable signatures based on the entries in a standard IP access list. Let's first look at disabling signatures globally.

Disabling Signatures Globally

When you disable a signature globally, the router will not compare any packets to the disabled signatures. To disable a signature, you first need to know the signature number. Visit http://www.cisco.com and review the IOS Firewall IDS documentation to get this number.

The syntax to globally disable a signature is

Router(config)# ip audit signature sig-id disable

Let's assume that you have a spam-filtering application on your email server. There is no reason to keep the spam signature enabled, ...

Get SECUR Exam Cram™ 2 (Exam 642-501) now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

SECUR Exam Cram™ 2 (Exam 642-501) by Raman Sud, Ken Edelman

Disabling and Excluding Signatures

Disabling Signatures Globally

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly