Version recommendation for ASA-5510 (Bases license) + AIP-SSM-10

nasim_nasri · ‎05-25-2008

Dear All,

I need your advice and recommendation related to the ASA and IPS version

I am going to have more then a half a dozen ASA-5510(Baseline) with AIP-SSM-10 implmentation in next 2 days.

Which ASA version is recommended from CISCO version 7.x or Version 8.x. One thing I decided is to go for the IPS version 6.1 (for AIP-SSM10). is there any specific ASA version I should run inorder to run IPS-6.1

Please do advice me

Thanks

oszkari · ‎05-27-2008

Hi,

If you plan to use the virtualization capabilities of the AIP-SSM, eg more than one virtual sensor per device You should use version 8.x, otherwise version 7.x will do the job.

good luck.

nasim_nasri · ‎05-27-2008

Is this virtuallization capability of AIP-SSM is depend on version of the ASA.

I thougth that version 6.1 of IPS is requrired to do virutalization which I am going to install.

I am confused can you please explain this to me in detail

TIA

oszkari · ‎05-27-2008

Hi,

Virtualization support for AIP-SSM was introduced with version 6.x so version 6.1 is cabable of that. Up to four virtual sensors are supported.

The idea behind virtualization is that You can send different class of traffic to different virtual sensors (every sensor with its own signature, rule and anomaly detection definition)

But only in ASA 7.3 and later versions You can specify the name of the virtual sensor to whom You want to send the traffic.

ips {inline | promiscuous][fail-open | fail-close} [sensor sensor_name] <<---

Earlier versions will send all the traffic to the default vs0.(the [sensor sensor_name] option is missing)

As far as I know the latest ASA software is 724 from the 7.x series, so if You want virtualization You must use the 8.x versions.

hth