AIP-SSM interface

Answered Question
Mar 17th, 2010

What does the interface configuration in AIP-SSM indicates ?

If this indicates that the traffics of this interface will be monitored, then what is the purpose of diverting traffic from asa though policy command.

I have this problem too.
0 votes
Correct Answer by Jennifer Halim about 6 years 7 months ago

Thanks, hope i've answered your questions.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Jennifer Halim Wed, 03/17/2010 - 15:14

The external interface of the AIP-SSM module is purely for management (Command and Control interface). You would need to connect that to your network so you can manage the module (IDM).

uthayaman Mon, 03/22/2010 - 02:16

I understood the AIP-SSM mgmt interface ip configuration.In the setup mode when we configure the aip ssm what does the below option represent.

Modify interface/virtual sensor configuration?[no]: yes

Current interface configuration

 Command control: Management0/0




 Virtual Sensor: vs0

  Anomaly Detection: ad0

  Event Action Rules: rules0

  Signature Definitions: sig0

  [1] Edit Interface Configuration

  [2] Edit Virtual Sensor Configuration

  [3] Display configuration


Jennifer Halim Mon, 03/22/2010 - 02:21

That is the command and control interface, ie: for management of the module (the ip address that you would https/IDM to).

Gig0/1 is the sensing interface, which is connected internally at the backplane of the ASA.

uthayaman Mon, 03/22/2010 - 02:23

Here , the monitored interface represent my ASA's physical interfaces ?

If i have four physical interface on my ASA, whether i need to include all the inteface under this monitored option ?

uthayaman Mon, 03/22/2010 - 02:32

Thx for the reply....

In which cases i have to change the interface settings.

uthayaman Mon, 03/22/2010 - 03:09

under which condition i need to change this interface configuration, if this gig interface is the internal one.

Jennifer Halim Mon, 03/22/2010 - 03:12

Unfortunately for the AIP-SSM module, you are not able to change any of the interfaces.

uthayaman Mon, 03/22/2010 - 03:40

But i got the option to add interface while configuring aip-ssm.Since i was not clear i didnt make a

ny change and came out of the configuration.

Jennifer Halim Mon, 03/22/2010 - 03:44

Because you choose "yes" to modify the configuration while going through the process:

Modify interface/virtual sensor configuration?[no]: yes

You can modify the management interface, ie: unassign it, and modify the sensing interface settings. However, you can not swap, or delete those interfaces.

uthayaman Mon, 03/22/2010 - 03:55

Thanks for your valuble time!!!


I did the same what you have mentioned.What will happen if i change the se

nsing interface(adding three sensing interfaces).Will it affect any performance.

Jennifer Halim Mon, 03/22/2010 - 04:15

Unfortunately you can't add anymore sensing interfaces on the AIP module. There is only 1 (gig0/1) of the module which is connected through the backplane of the ASA.

Here is how you configure traffic to be redirected towards the module from the ASA:

Note: You can only direct traffic to be inspected by the AIP module from the ASA. There is no other way.

uthayaman Mon, 03/22/2010 - 04:19

Thanks for the clarification...

I will re do the configuration and let you know.

uthayaman Sun, 03/28/2010 - 04:39


I did the change and it is working fine.

I want to upgrade the image of my AIP-SSM.I am using aip-ssm-40.Can you suggest which version i can use and steps to upgrade.

Jennifer Halim Sun, 03/28/2010 - 16:26

I would suggest an upgrade to the latest version which is 7.0.2(E3). You can upgrade directly to that version if you are currently already running at least 5.1.6(E3).

To upgrade:

1) Download the upgrade package:

2) Go to IDM: Configuration --> Sensor Management --> Update Sensor --> upload the upgrade package from your local computer and update it.

Hope it helps.


This Discussion

Related Content