Does anyone out there know where I can find SNORT rules or ISS RealSecure TRONS to sniff out Win32.SoBig.E ?

I have been digging around on Google and beating up ISS tech. support and we are comming up dry.

Pretty mind-bending...All the $$$ we spent on IDS and we can't find a way to use the IDS to help control a virus infection.

Thanks in Advance!