The toughest part is you need to get the signature right (based off snort syntax) otherwise it will not work or work improperly. If you look at the admin and install guide for SEP 12.1, appendix E, starting on page 1121 it gives a lot of good info on the syntax for custom IPS. It's a good start.
The pro is that you are ahead of the curve and have protection right away.
If you have a test lab than you are going in the right direction as you can quickly confirm that your signatures are working.