Cisco Security

Cisco Security

Cisco Services for IPS

End of Service / End of Life Notifications for Signature Services for Intrusion Detection and Prevention

Cisco Services for IPS protects and enhances the effectiveness of the Cisco Intrusion Prevention System. Supported by the Cisco Global Security Intelligence organization, Cisco Services for IPS delivers continuously updated, comprehensive, and accurate detection technology to identify and block fast-moving and emerging threats.

End-of-Sale for Cisco Services for Intrusion Prevention System Support Program

The end-of-signature-support date is approaching: April 26, 2018. This will affect Cisco Services for the Intrusion Prevention System (IPS), the Support Program for the Cisco ASA (5500, 5500-X, and 5585-X Series), and the IPS (43xx and 45xx) platforms. Please refer to the following links for details:

Search IPS Signatures

Keyword: Enter keyword(s) on which to search.
Date Range:Select a date range to restrict search to a specific time period.
Advanced Search

Items Per Page:
Showing 1-20 of 10008 | < Previous Next >
  Loading ....

  Loading ....

Download the latest Cisco IPS Signature packages for:


Cisco IPS Appliances and Modules

Cisco Security Manager



  Loading ....

Access to technical IPS information and solutions that help resolve issues that Cisco customers may encounter. Post discussions, documents, comments, and respond to questions regarding your Cisco IPS/IDS equipment or software.

All Content

The 7.3.1 IPS release contains a deployment profile feature (threat profiles) for Edge, Data Center, SCADA, and Web Applications scenarios. As an additional reference point, the IPS Signature Development Team is providing a simple zipped CSV file containing a list of signatures explicitly enabled in each threat profile. An updated file will be available here whenever the threat profiles are updated.

2016-09-01 Version 16 S939
2016-05-19 Version 15 S921
2016-02-10 Version 14 S908
2015-11-10 Version 13 S894
2015-08-11 Version 12 S881
2015-05-06 Version 11 S866
2015-02-04 Version 10 S849
2014-11-05 Version 9 S833
2014-08-06 Version 8 S813
2014-05-13 Version 7 S797
2014-01-17 Version 6 S764

Do you need to report a false positive? If you believe you have identified a benign trigger, please provide the following information and we will determine if the signature can be improved. Include the signature and sub-signature id, traffic sample(s), alert context buffers, and any additional relevant information.

Need a custom signature? Is there specific traffic you want to identify on your network? Do you think that the signature would be useful to other customers? We can provide guidance on developing a custom signature. If it is universally applicable, we may be able to test and maintain it by releasing it in our standard signature set. Please include a detailed summary of the issue, traffic sample, and any associated information you think may be useful.

* indicates a required field
Clear Form