Cisco ASA 5505 Configuration Manual page 1150

Asa 5500 series

Hide thumbs Also See for ASA 5505:

Getting started manual (168 pages)

Administrator's manual (118 pages)

Hardware installation manual (82 pages)

Table of Contents

Configuring the AIP SSM/SSC

Change to each context to configure the IPS security policy as described in

SSM/SSC" section on page

What to Do Next

Change to each context to configure the IPS security policy as described in

SSM/SSC" section on page

Diverting Traffic to the AIP SSM/SSC

This section identifies traffic to divert from the adaptive adaptive security appliance to the AIP

Prerequisites

In multiple context mode, perform these steps in each context execution space.

Detailed Steps

In the ASDM Device List pane, double-click the context name under the active device IP address >

Click Configuration > Firewall > Service Policy Rules.

You can edit an existing rule or create a new one:

Click the Intrusion Prevention tab.

You can also set other feature actions for the same traffic using the other tabs.

Check the Enable IPS for this traffic flow check box.

In the Mode area, click Inline Mode or Promiscuous Mode.

In the If IPS Card Fails area, click Permit traffic or Close traffic.

The Close traffic option sets the adaptive security appliance to block all traffic if the AIP SSM/SSC is

unavailable.

The Permit traffic option sets the adaptive security appliance to allow all traffic through, uninspected, if

the AIP SSM/SSC is unavailable.

(AIP SSM Only) From the IPS Sensor to use drop-down list, choose a virtual sensor name.

Cisco ASA 5500 Series Configuration Guide using ASDM

For an existing rule, choose the rule and click Edit.

The Edit Service Policy Rule dialog box appears.

For a new rule, choose Add > Add Service Policy Rule.

The Add Service Policy Rule Wizard - Service Policy dialog box appears. Complete the Service

Policy and Traffic Classification Criteria dialog boxes. See the

Through Traffic" section on page 29-8

Policy Rule Wizard - Rule Actions dialog box.

"Operating Modes" section on page 54-2

Configuring the IPS Application on the AIP SSM and SSC

"Adding a Service Policy Rule for

for more information. Click Next to show the Add Service

for more details.

"Diverting Traffic to the AIP

Show Quick Links

Chapters

Table of Contents

Asa 5510 Asa 5540 Asa 5520 Asa 5550 Asa 5580

Cisco ASA 5505 Configuration Manual page 1150

Hide quick links:

Chapters

Related Manuals for Cisco ASA 5505

Related Products for Cisco ASA 5505

This manual is also suitable for:

Table of Contents