Cisco FirePOWER ASA 5500 series Configuration Manual page 386
Security appliance command line
Hide thumbs
Also See for FirePOWER ASA 5500 series:
- Datasheet (20 pages) ,
- Configuration manual (1140 pages)
Table of Contents
Advertisement
Managing the CSC SSM
Note
DNS server IP address.
•
HTTP proxy server IP address (required only if your security policies require use of a proxy server
•
for HTTP access to the Internet).
Domain name and hostname for the SSM.
•
An email address and an SMTP server IP address and port number, for email notifications.
•
IP addresses of hosts or networks allowed to manage the CSC SSM.
•
Password for the CSC SSM.
•
In a web browser, access ASDM for the adaptive security appliance that the CSC SSM is in.
Step 4
Note
For more information about enabling ASDM access, see the
section on page
Step 5
Verify time settings on the adaptive security appliance. Time setting accuracy is important for logging
of security events and for automatic updates of CSC SSM software.
•
If you manually control time settings, verify the clock settings, including time zone. Choose
Configuration > Properties > Device Administration > Clock.
•
If you are using NTP, verify the NTP configuration. Choose Configuration > Properties > Device
Administration > NTP.
In ASDM, run the Content Security setup wizard. To do so, access the ASDM GUI in a supported web
Step 6
browser and on the Home page, click the Content Security tab. The Content Security setup wizard runs.
For assistance with the Content Security setup wizard, click the Help button.
Note
On the ASA 5500 series adaptive security appliance, identify traffic to divert to the CSC SSM (as
Step 7
described in the
(Optional) Review the default content security policies in the CSC SSM GUI. The default content
Step 8
security policies are suitable for most implementations. Modifying them is advanced configuration that
you should perform only after reading the Trend Micro InterScan for Cisco CSC SSM Administrator
Guide.
You review the content security policies by viewing the enabled features in the CSC SSM GUI. The
availability of features depends on the license level you purchased. By default, all features included in
the license you purchased are enabled.
With a Base License, the features enabled by default are SMTP virus scanning, POP3 virus scanning and
content filtering, webmail virus scanning, HTTP file blocking, FTP virus scanning and file blocking,
logging, and automatic updates.
Cisco Security Appliance Command Line Configuration Guide
22-8
The SSM management port IP address must be accessible by the hosts used to run ASDM.
The IP addresses for the SSM management port and the adaptive security appliance
management interface can be in different subnets.
If you are accessing ASDM for the first time, see the Cisco ASA 5500 Series Adaptive Security
Appliance Getting Started Guide for assistance with the Startup Wizard.
40-3.
If you are accessing ASDM for the first time, see the Cisco ASA 5500 Series Adaptive Security
Appliance Getting Started Guide for assistance with the Startup Wizard.
"Diverting Traffic to the CSC SSM" section on page
Chapter 22
Managing AIP SSM and CSC SSM
"Allowing HTTPS Access for ASDM"
22-11).
OL-10088-01
Advertisement
Table of Contents
Troubleshooting
