Cisco Systems ASA 5500 Manual

next previous

19-5

Cisco Security Appliance Command Line Configuration Guide

OL-8629-01

Chapter 19 Managing the AIP SSM and CSC SSM

Managing the CSC SSM

Note If you see the preceding license notice (which displays only in some versions of software), you can

ignore the message until you need to upgrade the signature files on the AIP SSM. The AIP SSM

continues to operate at the current signature level until a valid license key is installed. You can install

the license key at a later time. The license key does not affect the current functionality of the AIP SSM.

Step 3 Enter the setup command to run the setup utility for initial configuration of the AIP SSM:

AIP SSM# setup

You are now ready to configure the AIP SSM for intrusion prevention. See the following guides for AIP

SSM configuration information

• Configuring the Cisco Intrusion Prevention System Sensor Using the Command Line Interface.

• Command Reference for Cisco Intrusion Prevention System

Managing the CSC SSM

This section contains the following topics:

• About the CSC SSM, page 19-5

• Getting Started with the CSC SSM, page 19-7

• Determining What Traffic to Scan, page 19-9

• Limiting Connections Through the CSC SSM, page 19-11

• Diverting Traffic to the CSC SSM, page 19-11

About the CSC SSM

The ASA 5500 series adaptive security appliance supports the CSC SSM, which runs Content Security

and Control software. The CSC SSM provides protection against viruses, spyware, spam, and other

unwanted traffic. It accomplishes this by scanning the FTP, HTTP, POP3, and SMTP traffic that you

configure the adaptive security appliance to send to it.

Figure 19-1 illustrates the flow of traffic through an adaptive security appliance that has the following:

• A CSC SSM installed and setup.

• A service policy that determines what traffic is diverted to the SSM for scans.

In this example, the client could be a network user who is accessing a website, downloading files from

an FTP server, or retrieving mail from a POP3 server. SMTP scans differ in that you should configure

the adaptive security appliance to scan traffic sent from outside to SMTP servers protected by the

adaptive security appliance.

Note The CSC SSM can scan FTP file transfers only when FTP inspection is enabled on the adaptive security

appliance. By default, FTP inspection is enabled.