• Home
  • Systems
  • Networking
  • WordPress
  • Web
  • Geekery

Analysis and Review

Why does Cisco Retire IPS signatures?

April 2, 2009 by Kurt Turner

Retiring of a signature is done by Cisco when the signature is no longer needed (generally the vulnerability is fairly old, the majority of systems have been upgraded to newer versions, and the attack is rarely if ever being seen on the Internet anymore).

One of the main reason for doing this is that retired signatures will not use CPU cycles. Retiring a signature will force a recompilation of the cache to prevent the sensor from wasting resources on this signature. A disabled signature will use CPU cycles and memory but won’t fire; the signature is still a part of the compiled cache.. So we “retire” these signatures that are not needed anymore in order to improve sensor performance.

You can “unretire” signatures if you are still running those applications with the vulnerability being protected against. All signatures “retired” by Cisco will also be “disabled”. If a user chooses to “unretire” a signature, the user should also “enable” the signature.

Filed Under: Networking

Latest and Greatest

Apache vs Nginx for WordPress

Certbot Lets Encrypt And WordPress MU Multi-Site

How To Find and Replace Multiple File in MS Word

How To Get Stretch Res on Windows 10 AMD Radeon For Game Play

This is the ASUS Chromebox we've been running for 2 years as our "brain" for our home grown digital display kiosk.

DIY Digital Signage Bulletin Board or Kiosk

© Copyright Analysis And Review · All Rights Reserved ·