Managing The Csc Ssm - Cisco FirePOWER ASA 5500 series Configuration Manual
Security appliance command line
Hide thumbs
Also See for FirePOWER ASA 5500 series:
- Datasheet (20 pages) ,
- Configuration manual (1140 pages)
Table of Contents
Advertisement
Chapter 22
Managing AIP SSM and CSC SSM
If you see the preceding license notice (which displays only is some versions of software), you can
Note
ignore the message until you need to upgrade the signature files on the AIP SSM. The AIP SSM
continues to operate at the current signature level until a valid license key is installed. You can install
the license key at a later time. The license key does not affect the current functionality of the AIP SSM.
Step 3
Enter the setup command to run the setup utility for initial configuration of the AIP SSM:
AIP SSM# setup
You are now ready to configure the AIP SSM for intrusion prevention. See the following two guides for
AIP SSM configuration information:
•
•
Managing the CSC SSM
This section contains the following topics:
•
•
•
•
•
About the CSC SSM
The ASA 5500 series adaptive security appliance supports the CSC SSM, which runs Content Security
and Control software. The CSC SSM provides protection against viruses, spyware, spam, and other
unwanted traffic. It accomplishes this by scanning the FTP, HTTP, POP3, and SMTP traffic that you
configure the adaptive security appliance to send to it.
Figure 22-1
•
•
In this example, the client could be a network user who is accessing a website, downloading files from
an FTP server, or retrieving mail from a POP3 server. SMTP scans differ in that you should configure
the adaptive security appliance to scan traffic sent from outside to SMTP servers protected by the
adaptive security appliance.
The CSC SSM can scan FTP file transfers only when FTP inspection is enabled on the adaptive security
Note
appliance. By default, FTP inspection is enabled.
OL-10088-01
Configuring the Cisco Intrusion Prevention System Sensor Using the Command Line Interface
Cisco Intrusion Prevention System Command Reference
About the CSC SSM, page 22-5
Getting Started with the CSC SSM, page 22-7
Determining What Traffic to Scan, page 22-9
Limiting Connections Through the CSC SSM, page 22-11
Diverting Traffic to the CSC SSM, page 22-11
illustrates the flow of traffic through an adaptive security appliance that has the following:
A CSC SSM installed and setup.
A service policy that determines what traffic is diverted to the SSM for scans.
Cisco Security Appliance Command Line Configuration Guide
Managing the CSC SSM
22-5
Advertisement
Table of Contents
Troubleshooting
