Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1262
Views
0
Helpful
1
Replies

IPS Signature

chakrapani
Level 1
Level 1

‎05-15-2017 11:23 PM - edited ‎03-10-2019 06:50 AM

Hi,

I am having Cisco 4255 IPS in my office. Nowadays, for protecting against WannaCry, it is recommended to list of signatures into the IPS. I am having the list of signatures available. So please guide me to put the same into the IPS...?

Regards,

Manoj Rajan 

Labels:
0 Helpful
1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

‎05-16-2017 04:42 AM

Moved discussion to Security > IPS forum for correct placement.

The "wannacry" ransomware is an exploit which is addressed in Cisco IPS Signature file 982, as noted in this Cisco security response bulletin:

https://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20170515?vs_f=Cisco%20Security%20Response&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=MS17-010%20(Ransomware%20WannaCry)%20Impact%20to%20Cisco%20Products&vs_k=1.

To update your IPS 4255 appliance you require a current subscription / support contract. With that, you can download the signature and install it on the IPS using cli, Cisco IPS Device Manager (IDM), IPS Manager Express (IME) or Cisco Security Manager (CSM).

The download can be found here:

https://software.cisco.com/download/release.html?mdfid=286129615&flowid=49062&softwareid=282549755&release=S982&relind=AVAILABLE&rellifecycle=&reltype=latest

Additional details for installation are in the readme file included on the signature file download page:

http://www.cisco.com/web/software/282549755/138269/IPS-sig-S982.readme.txt

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card