Thanks Fawad.
Best Regards. ______________________ Adil On Oct 5, 2011, at 11:14 PM, Fawad Khan wrote: > I dont have access to an IOS router to confirm... but I think retired > true/false commands only appear in signature-category, however retired t/f > and enable t/f both appear in signature definition. hope that helps... > > > Please check this link. > http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6634/prod_white_paper0900aecd805c4ea8.html > > Retire/Unretire signatures > > Retire/unretire is to select/de-select which signatures are being used by IOS > IPS to scan traffic. > Retiring a signature means IOS IPS will NOT compile that signature into > memory for scanning. > Unretiring a signature instructs IOS IPS to compile the signature into memory > and use the signature to scan traffic. > Enable/Disable signatures > > Enable/disable is to enforce/disregard the action(s) associated with the > signatures by IOS IPS when packet or packet flow matches the signatures. > Note: Enable/disable does NOT select/de-select signatures to be used by IOS > IPS. > > Enabling a signature means that when triggered by a matching packet (or > packet flow), the signature takes the appropriate action associated with it. > However, only unretired AND successfully compiled signatures will take the > action when they are enabled. In other words, if a signature is retired, even > though it is enabled, it will not be compiled (because it is retired) and it > will not take the action associated with it. > Disabling a signature means that when triggered by a matching packet (or > packet flow), the signature DOES NOT take the appropriate action associated > with it. In other words, when a signature is disabled, even though it is > unretired and successfully compiled, it will not take the action associated > with it. > > > > > > FNK > > > > On Wed, Oct 5, 2011 at 11:02 PM, Fawad Khan <[email protected]> wrote: > Adil, > > retired TRUE means, that these sig category will not be loaded in the > memory..... > retired false means, that this sig category will be loaded in the memory. > > > > enable true means, that this signature is not only loaded in the memory as > well, but its also functioning. > enabled false means, tthat this signature is only loaded in the memory, but > its NOT functioning at this moment. > > > > Regards, > FNK. > > > > On Wed, Oct 5, 2011 at 9:15 PM, Adil Pasha <[email protected]> wrote: > Guys, > > In YB Lab 2 the solution is: > > category all > retired true > enabled false <<< What if I add this command? Is this correct answer or > wrong answer in real lab? >>> > category ios_ips basic > retired false > enabled false <<< What if I add this command? Is this correct answer or > wrong answer in real lab? >>> > ! > > Best Regards. > ______________________ > Adil > > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
