<div>
<div class="content wysiwyg-content">
I recently installed an AIP-SSM-20 in my ASA5520. &nbsp;I have it configured in promiscuous mode right now, so it just alerts, doesn't block. &nbsp;I am using the Cisco IPS Manager Express to manage the sensor. &nbsp;I would like to eventually put the device in inline mode to block packets, but I want to do it the safest way possible. &nbsp;What is the best approach for signature tuning? &nbsp;I see now, that I have a lot of alerts, most of which are known good traffic. &nbsp;What is the best approach in this situation. &nbsp;I don't want to put the sensor in inline mode and this known good traffic be blocked.
</div>
</div>


I recently installed an AIP-SSM-20 in my ASA5520.  I have it configured in promiscuous mode right now, so it just alerts, doesn't block.  I am using the Cisco IPS Manager Express to manage the sensor.  I would like to eventually put the device in inline mode to block packets, but I want to do it the safest way possible.  What is the best approach for signature tuning?  I see now, that I have a lot of alerts, most of which are known good traffic.  What is the best approach in this situation.  I don't want to put the sensor in inline mode and this known good traffic be blocked.

Cisco AIP-SSM and Inline mode

Cisco PIX is a dedicated hardware firewall appliance; the Cisco Adaptive Security Appliance (ASA) is a firewall and anti-malware security appliance that provides unified threat management and protection the PIX does not. Other Cisco devices and systems include routers, switches, storage networking, wireless and the software and hardware for PIX Firewall Manager (PFM), PIX Device Manager (PDM) and Adaptive Security Device Manager (ASDM).

Cisco

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.

Network Security

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.