cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
313
Views
0
Helpful
1
Replies

Query on SSM (as IPS) on ASA (5505/5510/5520)

mvsheik123
Level 7
Level 7

Hi All,

I have ASA terminating the VPN clients (remote access or L2L vpn), and if I have SSM installed on ASA (to act as IPS), will this ASA successfully be able to perform real-time spam/virus filtering even for the encrypted traffic that is coming through the remote client VPN or client via L2L vpn.? if so, any special license also needed for the ASA..?

Thank you in advance

MS

1 Reply 1

bnidacoc
Level 1
Level 1

I would suspect the module would analyze because it is my experience that inbound traffic on an interface is decrypted, then ACLs are applied on the decrypted traffic. And as people here have said that the IPS works post ACL, I believe that inbound traffic is processed like this; decryption -> access control -> inspection.

However, you mention spam and I am not sure if you are talking about the IPS modules, as I had thought they did not prevent spam. Although they could prevent some malicious attachments.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: