I just installed CISCO ASA 5510 security plus in my network,
I chose very simple configuration,
DMZ security level 50
Added some routes towards inside network
ACL is in place to permit traffic from outside network into DMZ, users will connect to the router via vpn and then will access DMZ servers via ASA
Nothing else is added in the ASA,,
IS THIS CONFIGURATION will be helpful for IDS/IPS Operation,,,
How ASA will upgrade its database??
What else do I need to configure in the ASA to protect it from Intrusions,, viruses etc etc,,,
I am not in the mood of buying CSC SSM security module for spam etc etc,, its very expensive,,,But I can think about it,, as my company can afford it...
Will CSC SSM module will be helpful??