In the more recent cyberattacks and malware, the servers of the attacker (e.g., C2 servers) play an important role. It is important to use network-based signatures to block malicious communications to reduce the impact. However, the signatures must not block harmless communications during normal business operations. Therefore, signature generation requires a high level of understanding of the business, and highly depends on individual skills. It is necessary to test and ensure that the generated signatures do not interfere with benign communications, which results in high operational costs. We propose SIGMA, a system that automatically generates signatures to block malicious communication without interfering with benign communication and then automatically evaluates the impact of the signatures. SIGMA automatically extracts the common parts of malware communication destinations by clustering them and generating multiple candidate signatures. Thereafter, it automatically calculates the impact on normal communication based on business logs, etc., and presents the final signature that has the highest blockability of malicious communication and non-blockability of normal communication to the analyst. We aim to reduce the human factor in generating the signatures, reduce the cost of the impact evaluation, and support the decision of whether to apply the signatures. In our evaluation, we showed that SIGMA can automatically generate a set of signatures that detect 100% of suspicious URLs with an over-detection rate of just 0.87%, based on the results of 14,238 malware analyses and actual business logs. This result suggests that the cost of generating signatures and evaluating their impact on business operations can be reduced; these are time-consuming and human-intensive processes.