Regarding to the AIP-SSM & CSC-SSM of the ASA , i downloaded some documents that explain the functions and the features for each of them but really i am confused , i cannot determine which of them is the best for monitoring of the traffice . Many customers have Exchange servers ,web servers, FTP servers , database servers .....and so on .
Are the CSC-SSM module features(Antispam-antivirus-antispy....) part of the AIP-SSM functions or each of them has a different purpose??
i need to know what is the best module to use it in the network and why????
The IPS module allows you to choose a default set of protocols to inspect for malform packets (spoofed, hacked, etc) or a tailored set based upon your specific traffic.
There are commands to view the packets traversing your contol engine. Google Configuring the Cisco Intrusion Prevention System Sensor Using the Command Line Interface 5.0. Go to page 475 of 532 and you will see sh statistics virtual-sensor traffic you can monitor and see suspicious traffic entering your network. Unlike the CCS-SSM the AIP-SSM does a more thorough inspection of threats from layer 2 through layer 7.
CCS-SSM seems to be an expense antivirus module though it is cheaper than the AIP-SSM.
I am very happy with the AIP-SSM, just remember both analyze traffic inline and could be latency generators if you have fat pipes.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...