ASA-5510 and AIP-SSM

Gerard Gacusan · ‎01-19-2008

anyone try to test the AIP-SSM in a lab environment sending Denial of Service, worm virus and see how the IPS respond the attacks?

any sample config pls?

sadbulali · ‎01-24-2008

In order to create a global service policy that identifies traffic to be scanned, complete these steps:

In the main ASDM window, choose the Configuration tab.

Choose Security Policies, and then click the Service Policy Rules radio button.

Click Add.

The Add Service Policy Rule appears.

In the Service Policy page, click the Global - applies to all interfaces radio button.

Choose Next. The Traffic Classification Criteria page appears.

In the Traffic Classification Criteria page, click the User class-default as the traffic class radio button.

Choose Next. The Add Service Policy Rule Wizard - Rule Actions page appears.

In the Service Policy Rule Wizard, choose the CSC Scan tab.

On the CSC Scan tab page, check the Enable CSC scan for this traffic flow check box.

In the If CSC card fails, then area, choose whether the adaptive security appliance should permit or deny selected traffic if the CSC SSM is unavailable.

Choose Finish.

The new service policy appears in the Service Policy Rules pane.

Choose Apply.

In order to configure additional CSC SSM features in ASDM, which includes content filtering, click the Configuration or Monitoring tab, then choose the Trend Micro Content Security tab.

Refer to the Diverting Traffic to CSC SSM section of Managing AIP SSM and CSC SSM for more information on how to configure ASA to send traffic to CSC SSM with the use of the command line.

Gerard Gacusan · ‎01-24-2008

thanks for your response. I've been looking for the CSC SSM functionality but it's not in ASDM ...not sure if additional image or license required.