AIP-SSM and CSC-SSM together in a network

Unanswered Question
Feb 28th, 2008
User Badges:

First time am here so plz forgive me if there is any mistakes from my side.


I want to implement Itrusion Prevention and Anti X features in a network, i prefer ASA and SSM modules, how can i install it successfully, is it possible in single ASA device otherwise how can i connet two ASAs to meet the purpose.

Thank You

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
fropert Sat, 03/08/2008 - 06:47
User Badges:

Hello,


That's incorrect.

Considering you want ASA technology, two appliances are needed.The first with AIP and the second with CSC.


AIP-SSM and CSC-SSM are slotable in ASA 5510, 5520 and 5540.


Thanks.

shijomon scaria Mon, 03/17/2008 - 22:55
User Badges:

Hello Sir,

I need both AIP-SSM and CSC-SSM together in a network, it is not possible to insert both in a single divice, isn't it? So i have to use two ASAs right ? So my question is how can i connet both the devices physically in a network, i need to pass the traffice from one to another...

Thank U

jens.becker Wed, 03/19/2008 - 04:04
User Badges:

Why don't you choose one ASA with CSC-SSM for Anti-X functions as Firewall.

For deeper Packet-Inspection i can recommend a seperate IPS-System, for example a prodoct of the Cisco IPS 4200 family.

You can work with SPAN (Switched Port Analyzer) on the Perimeter Switches for sending traffic to the IPS-System before entering the local network.


Traffic-Map:


Outside <-> ASA w. CSC <-> IPS <-> Local Network


Actions

This Discussion