Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

ASA-5510 and AIP-SSM

anyone try to test the AIP-SSM in a lab environment sending Denial of Service, worm virus and see how the IPS respond the attacks?

any sample config pls?

Community Member

Re: ASA-5510 and AIP-SSM

In order to create a global service policy that identifies traffic to be scanned, complete these steps:

In the main ASDM window, choose the Configuration tab.

Choose Security Policies, and then click the Service Policy Rules radio button.

Click Add.

The Add Service Policy Rule appears.

In the Service Policy page, click the Global - applies to all interfaces radio button.

Choose Next. The Traffic Classification Criteria page appears.

In the Traffic Classification Criteria page, click the User class-default as the traffic class radio button.

Choose Next. The Add Service Policy Rule Wizard - Rule Actions page appears.

In the Service Policy Rule Wizard, choose the CSC Scan tab.

On the CSC Scan tab page, check the Enable CSC scan for this traffic flow check box.

In the If CSC card fails, then area, choose whether the adaptive security appliance should permit or deny selected traffic if the CSC SSM is unavailable.

Choose Finish.

The new service policy appears in the Service Policy Rules pane.

Choose Apply.

In order to configure additional CSC SSM features in ASDM, which includes content filtering, click the Configuration or Monitoring tab, then choose the Trend Micro Content Security tab.

Refer to the Diverting Traffic to CSC SSM section of Managing AIP SSM and CSC SSM for more information on how to configure ASA to send traffic to CSC SSM with the use of the command line.

Community Member

Re: ASA-5510 and AIP-SSM

thanks for your response. I've been looking for the CSC SSM functionality but it's not in ASDM ...not sure if additional image or license required.

CreatePlease to create content