Table of Contents
Advertisement
Import Signatures
Summary/Details Button
Signature List
Enabled
Enabled signatures are indicated with a green icon. If enabled, the actions specified
when the signature is detected is carried out.
Disabled signatures are indicated with a red icon. If disabled, the actions are disabled
and are not be carried out.
Alert (!)
This column may contain the yellow Wait icon. This icon indicates new signatures that
have not been delivered to the router or modified signatures that have not been delivered
to the router.
Sig ID
The numerical signature ID. For example, the sigID for ICMP Echo Reply is 2000.
SubSig ID
The subsignature ID.
Name
The name of the signature, for example ICMP Echo Reply.
Action
The action to take when the signature is detected.
Filter
An ACL associated with the corresponding signature.
Severity
The severity level of the event. Severity levels are informational, low, medium, and high
Engine
The engine to which the signature belongs.
Cisco Router and Security Device Manager Version 2.2 User's Guide
19-44
SDFs are available from Cisco. Click the following URL to download an SDF
from Cisco.com:
http://www.cisco.com/cgi-bin/tablebuild.pl/ios-sigup
Cisco maintains an alert center that provides information on emerging threats. See
Cisco Intrusion Prevention Alert Center
Use this button to display or hide the signatures marked for deletion.
The signature list displays the signatures retrieved from the router, and any
signatures added from an SDF. The list can be filtered using the selection controls.
Chapter 19
Intrusion Prevention System
for more information
OL-4015-08
Advertisement
Table of Contents
Troubleshooting
