I am new to CSC SSM. Would you please help me find out how to control instant messaging traffic with ASA + CSC SSM (plus license)? Is it correct to say that the only way to do it is by configuring the ASA itself and not the CSC SSM, like it is shown here:
...Peer-to-peer file sharing and Internet instant messaging applications can also be blocked using Cisco IPS appliances and modules and the Cisco ASA firewall (using modular policy framework)...
Also, why using ASA with CSC SSM and not using ISR G2 with content filtering for smaller deployments? For example, does ISR G2 with content filtering supports time/user/group filtering settings like ASA with CSC SSM? FYI:
Q. How does Cisco IOS Content Filtering differ from the Content Security and Control module for the ASA platform?
A. Cisco IOS Content Filtering is a subscription based service for Cisco ISRs that provide protection from malicious
websites as well as improve employee productivity using URL filtering techniques. The Cisco Content Security
and Control (CSC-SSM) module is an expansion card for the Cisco ASA 5500 Series of security appliances that
scans Web, e-mail, and ftp traffic to stop content-based threats, including phishing, spyware, spam, and viruses.
The CSC-SSM also controls unwanted mail and Web content. Both products use technology from Trend Micro
Thanks in advance
Just to piggy-back on what Mike said, you mentioned specifically user/group interaction with the CSC versus the ASR solution. At this point there is no Active directory integration on the ISR platform, but yes they CSC module (As of version 6.3.1172.0 and later) support integrating with AD to map usernames ad groups to IP addresses so that you can make filtering policies based on any of the following:
- IP address
- AD Group
It also supports policy decision based on time (breaks the day into 14 1-hr segments). You may be able to do something close to this on the ISR using time based ACLs in your filtering policy.