ASA as a UTM: Anti Virus, Worms and Spyware ?

Unanswered Question
Jan 2nd, 2009
User Badges:


I am looking into a 'Secure VPN' solution for Remote Access, only a small solution 10-20 users.

I have two main objectives :

To use SSL Technology, to ensure data confidentiality and more importantly, a solution to ensure VPN traffic is clean and scrubbed of any Malware. (it's imperative worms/viruses/malware are not spread into our datacentre from remote users). The solution must be provided on a cost affective budget.

Question: Will a ASA55XX armed with a IPS module (SSM-AIP) be sufficient for a "ANTI-X" UTM device ?

As I understand, the IPS module will protect against Worms, but not Anti-Virus and Spyware ?

Any Help would be really appreciated.



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
JORGE RODRIGUEZ Fri, 01/02/2009 - 12:39
User Badges:
  • Green, 3000 points or more


You are probably looking at a CSC-SSM solution for content secirity which is porbably more afordable for the size of users than a NAC solution or IPS solution for remote access, thats my opinion.

Content Secuirty CSC-SSM, have a look at CSC module and what it can provide in terms of content security and anti-virus

Also Network Admission control is another solution but I believe is for a much larger infrastructure

You could implement SSL technology for example using annyconnect client in FULL tunnel mode and have complete control of VPN traffic in conjunction with CSC-SSM module.


mcroft Wed, 01/14/2009 - 12:05
User Badges:

Thank you for the response.

My only concearn is that the CSC-SSM does not catch worms, I would needs the IPS module to protect my servers from worms......

and the ASA5510 only allows one module, so its either the AIM-IP "or" the SSM.



This Discussion