The threat landscape is an ever evolving environment that must be addressed with constant iteration. Since the Cisco Intrusion Prevention System signature configuration has grown over the past few years, the Cisco Security Research and Operations IPS Signature Development Team performed an exhaustive review of the default IPS signature settings currently shipping. As a result of that analysis, the team will be releasing changes to the default signature set via signature updates in a two-phase process over the course of several months.
First, a number of older, low severity signatures will be retired. This process of retiring signatures has already begun and will continue through the end of February 2012. Then we will begin to release a series of new signatures designed to provide enhanced “real world” protection. We wanted to make you aware of this process as you may have observed an increase in signature update activity.
Should you have any questions regarding this process and the rationale behind it, please contact us via the Cisco Support Community for IPS.