Filter
Top Products
CHAPTER 3: CONFIGURING INTRUSION DETECTION 53
Advanced Intrusion Detection Administration
Advanced administration assists in fine tuning the set of signatures that an intrusion detection
application will use to detect intrusion traffic on the network.
Manage Signatures
The Manage Signatures page allows you to disable specific signatures on a per-appliance basis.
This allows you to disable signatures that may produce false-positive alerts because of conditions
on your network. These settings will take precedence over the broader categories that may be
selected in the Signature Profiler.
1. Click on the Admin tab in the top navigation bar.
2. Click Intrusion Detection Configuration.
3. Click Advanced Security Administration.
4. Click Manage Signatures.
Figure 67 Selecting an Intrusion Detection Appliance for Changing Signature Set
5. Select the appliance you wish to enable/disable signatures for by clicking configure next to it.
Figure 68 Generating New Signature Set
6. After you have finished making any changes to the signature set, you will need to manually
generate a new signature set so that the appliance will get the latest settings. Click generate
new signature set at the bottom of the screen to generate the signature set.
Within several minutes, the signatures will be generated and the CC-NOC will load the new
settings and continue to monitor for security events.