Skip to main content



Cisco Defense Orchestrator

Intrusion Prevention System

The Cisco Talos Intelligence Group (Talos) detects and correlates threats in real time and maintains a reputation disposition on billions of files. The Cisco IOS Intrusion Prevention System (IPS) is an inline, deep-packet inspection feature that mitigates attacks on your network by using the threat intelligence data from Talos to accurately identify, classify, and drop malicious traffic in real time.

Cisco Defense Orchestrator (CDO) provides the ability to activate and tune the IPS feature on your Firepower Threat Defense (FTD) devices.

On the main navigation bar, click Signature Overrides and Threat Events to perform these tasks:

  • Resolve inconsistencies in overrides across multiple devices.
  • View and hide threat events.
  • Override how a threat event is handled by changing the rule action.
  • Was this article helpful?