Operation: Add Custom Signature / Update custom signature
Description: To Create/Update Custom Signature for Proprietary Sever, custom protocol or specialized applications and protect network. 

Sample Configuration
<IPSCustomSignature> <Name>SignatureName</Name> <Protocol>TCP/UDP/ICMP/ALL</Protocol> <CustomRule>SignatureDefinition</CustomRule> <Severity>Critical/Major/Moderate/Minor/Warning</Severity> <RecommendedAction>Allow Packet/Drop Packet/Drop Session/Reset/Bypass Session</RecommendedAction> </IPSCustomSignature>

Parameter Mandatory Default Description
Specify a name for the Custom Signature.
Name confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
  • Maximum characters allowed are 15.
Select Signature Protocol from the options available.
Protocol confines to:
  • Type is 'SCALAR'.
  • Only 'TCP', 'UDP', 'ICMP', 'ALL' are allowed.
Custom RuleYes  
Specify Signature definition.
Custom Rule confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
  • To separate letters, use a dot (.).
Select the Severity level from the options available.
Severity confines to:
  • Type is 'SCALAR'.
  • Only 'Critical', 'Major', 'Moderate', 'Minor', 'Warning' are allowed.
Select the action to be taken if traffic pattern matching to the Signature is found.
Action confines to:
  • Type is 'SCALAR'.
  • Only 'Allow Packet', 'Drop Packet', 'Drop Session', 'Reset', 'Bypass Session', '3' are allowed.

Operation   Status   Message
Add Custom Signature200
Add Custom Signature500
Add Custom Signature502
Add Custom Signature504
Add Custom Signature505
Update custom signature200
Update custom signature500
Update custom signature502
Update custom signature504
Update custom signature505

© Copyright 2019 Sophos Firewall Limited. All rights reserved.
Sophos Firewall is registered trademarks of Sophos Firewall Limited and Sophos Firewall Group. All other product and company names mentioned are trademarks or registered trademarks of their respective owners.
No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise unless you are either a valid licensee where the documentation can be reproduced in accordance with the license terms or you otherwise have the prior permission in writing of the copyright owner.