19-6
Cisco Security Appliance Command Line Configuration Guide
OL-8629-01
Chapter 19 Managing the AIP SSM and CSC SSM
Managing the CSC SSM
Figure 19-1 Flow of Scanned Traffic with CSC SSM
You use ASDM for system setup and monitoring of the CSC SSM. For advanced configuration of content
security policies in the CSC SSM software, you access the web-based GUI for the CSC SSM by clicking
links within ASDM. Use of the CSC SSM GUI is explained in the Cisco Content Security and Control
SSM Administrator Guide.
Note ASDM and the CSC SSM maintain separate passwords. You can configure their passwords to be
identical; however, changing one of these two passwords does not affect the other password.
The connection between the host running ASDM and the adaptive security appliance is made through a
management port on the adaptive security appliance. The connection to the CSC SSM GUI is made
through the SSM management port. Because these two connections are required to manage the CSC
SSM, any host running ASDM must be able to reach the IP address of both the adaptive security
appliance management port and the SSM management port.
Figure 19-2 shows an adaptive security appliance with a CSC SSM that is connected to a dedicated
management network. While use of a dedicated management network is not required, we recommend it.
Of particular interest in Figure 19-2 are the following:
• An HTTP proxy server is connected to the inside network and to the management network. This
enables the CSC SSM to contact the Trend Micro update server.
• The management port of the adaptive security appliance is connected to the management network.
To permit management of the adaptive security appliance and the CSC SSM, hosts running ASDM
must be connected to the management network.
• The management network includes an SMTP server for email notifications for the CSC SSM and a
syslog server that the CSC SSM can send syslog messages to.
148386
Security Appliance
Main System
Request sent
Client
Reply forwarded
inside
modular
service
policy
Request forwarded
Reply sent
CSC SSM
Serve
Diverted Traffic
content security scan
outside
