cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
481
Views
0
Helpful
1
Replies

Trend Micro InterScan CSC SSM Reporting

nmoore1978
Level 1
Level 1

I replaced a SonicWall 4060 Pro with dual Cisco ASA 5520s and the CSC SSM modules. I need to know how to run web usage reports on all HTTP traffic. Right now I can only find violation reports through Control Manager, which I am currently evaluating. I'm not interested in the threat, spam, spyware reports. I want to know what traffic is passing through the firewall and be able to match the traffic with an internal IP address if my HR department requests it.

Any and all information is appreciated!

1 Reply 1

Kevin Redmon
Cisco Employee
Cisco Employee

This is currently not supported on the CSC module itself - it will only log denied flows.

There are a number of options available to determine what IP addresses access devices outside the ASA. You can monitor the connection syslogs - this will not provide the hostname on the outside but will provide the inside IP address, the translation, and destination IP address. If you enable 'inspect http', this command will create a syslog with each URL access (however, enabling this feature may have adverse effects on some websites). Implementing NetFlow (available in ASA version 8.2) will give you the ability to more easily watch flows.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: