Signature Database Overview
The signature database that Juniper provides contains application and intrusion prevention system (IPS) signatures:
Application signatures are definitions of predefined attacks and applications, and can be used to identify applications for tracking firewall policies and quality-of-service (QoS) prioritization.
IPS signatures are definitions of predefined attack object and attack object groups that you can use in IDP policies to match traffic against known attacks.
Contrail Service Orchestration (CSO) enables users with the Service Provider (SP) administrator role to download the signature database. When you trigger a download, a job is created and the job might take some time to complete. You can track the progress of this job on the Jobs page.
After the signature download operation is complete, predefined signatures (application and IPS) and IPS profiles are available in CSO. You cannot modify predefined signatures or IPS profiles.