Filter
Top Products
Chapter 9 Configuring the AIP SSM
AIP SSM Configuration
9-2
Cisco ASA 5500 Series Adaptive Security Appliance Getting Started Guide
78-17611-01
This section includes the following topics:
• Overview of Configuration Process, page 9-2
• Configuring the ASA 5500 to Divert Traffic to the AIP SSM, page 9-2
• Sessioning to the AIP SSM and Running Setup, page 9-5
Overview of Configuration Process
Configuring the AIP SSM is a three-part process that involves configuration of the
adaptive security appliance first, then configuration of the AIP SSM, and then the
configuration of the IPS software:
1. On the ASA 5500 series adaptive security appliance, identify traffic to divert
to the AIP SSM (as described in the “Configuring the ASA 5500 to Divert
Traffic to the AIP SSM” section on page 9-2).
2. On the AIP SSM, configure the inspection and protection policy, which
determines how to inspect traffic and what to do when an intrusion is
detected.
3. Configure the IPS software that runs on the AIP SSM. Information about the
IPS software is beyond the scope of this document. Detailed information
about IPS software configuration is available in the following separate
documentation that came with your IPS product:
• Configuring the Cisco Intrusion Prevention System Sensor Using the
Command Line Interface
• Cisco Intrusion Prevention System Command Reference
Configuring the ASA 5500 to Divert Traffic to the AIP SSM
You use MPF (Modular Policy Framework) commands to configure the adaptive
security appliance to divert traffic to the AIP SSM. This procedure provides
sufficient information to configure a simple set of policies in an AIP SSM
deployment. If you want to create a more complex set of policies, read the
Modular Policy Framework chapter in Cisco Security Appliance Command Line
Configuration Guide which introduces Modular Policy Framework concepts and
common commands.