Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

AIP-SSM interface

What does the interface configuration in AIP-SSM indicates ?

If this indicates that the traffics of this interface will be monitored, then what is the purpose of diverting traffic from asa though policy command.

Everyone's tags (1)
1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: AIP-SSM interface

Thanks, hope i've answered your questions.

16 REPLIES
Cisco Employee

Re: AIP-SSM interface

The external interface of the AIP-SSM module is purely for management (Command and Control interface). You would need to connect that to your network so you can manage the module (IDM).

New Member

Re: AIP-SSM interface

I understood the AIP-SSM mgmt interface ip configuration.In the setup mode when we configure the aip ssm what does the below option represent.

Modify interface/virtual sensor configuration?[no]: yes

Current interface configuration

 Command control: Management0/0

 Unassigned:

  Monitored:

   GigabitEthernet0/1

 Virtual Sensor: vs0

  Anomaly Detection: ad0

  Event Action Rules: rules0

  Signature Definitions: sig0

  [1] Edit Interface Configuration

  [2] Edit Virtual Sensor Configuration

  [3] Display configuration

Option: 

Cisco Employee

Re: AIP-SSM interface

That is the command and control interface, ie: for management of the module (the ip address that you would https/IDM to).

Gig0/1 is the sensing interface, which is connected internally at the backplane of the ASA.

New Member

Re: AIP-SSM interface

Here , the monitored interface represent my ASA's physical interfaces ?

If i have four physical interface on my ASA, whether i need to include all the inteface under this monitored option ?

Cisco Employee

Re: AIP-SSM interface

No, the module is independant of the ASA as far as management/monitoring is concern. The interface is the physical interface on the module itself, not any of the interfaces of the ASA.

Here is the hardware visual of the SSM module where the physical interface is:

http://www.cisco.com/en/US/docs/security/asa/asa82/getting_started/asa5500/quick/guide/opt_card.html#wp1035895

New Member

Re: AIP-SSM interface

Thx for the reply....

In which cases i have to change the interface settings.

Cisco Employee

Re: AIP-SSM interface

Thanks, hope i've answered your questions.

New Member

Re: AIP-SSM interface

under which condition i need to change this interface configuration, if this gig interface is the internal one.

Cisco Employee

Re: AIP-SSM interface

Unfortunately for the AIP-SSM module, you are not able to change any of the interfaces.

New Member

Re: AIP-SSM interface

But i got the option to add interface while configuring aip-ssm.Since i was not clear i didnt make a

ny change and came out of the configuration.

Cisco Employee

Re: AIP-SSM interface

Because you choose "yes" to modify the configuration while going through the process:

Modify interface/virtual sensor configuration?[no]: yes

You can modify the management interface, ie: unassign it, and modify the sensing interface settings. However, you can not swap, or delete those interfaces.

New Member

Re: AIP-SSM interface

Thanks for your valuble time!!!

Yes!!!

I did the same what you have mentioned.What will happen if i change the se

nsing interface(adding three sensing interfaces).Will it affect any performance.

Cisco Employee

Re: AIP-SSM interface

Unfortunately you can't add anymore sensing interfaces on the AIP module. There is only 1 (gig0/1) of the module which is connected through the backplane of the ASA.

Here is how you configure traffic to be redirected towards the module from the ASA:

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00807335ca.shtml

Note: You can only direct traffic to be inspected by the AIP module from the ASA. There is no other way.

New Member

Re: AIP-SSM interface

Thanks for the clarification...

I will re do the configuration and let you know.

New Member

Re: AIP-SSM interface

Hi,

I did the change and it is working fine.

I want to upgrade the image of my AIP-SSM.I am using aip-ssm-40.Can you suggest which version i can use and steps to upgrade.

Cisco Employee

Re: AIP-SSM interface

I would suggest an upgrade to the latest version which is 7.0.2(E3). You can upgrade directly to that version if you are currently already running at least 5.1.6(E3).

To upgrade:

1) Download the upgrade package:

http://tools.cisco.com/support/downloads/go/ImageList.x?relVer=7.0%282%29E3&mdfid=280432811&sftType=Intrusion+Prevention+System+%28IPS%29+System+Upgrades&optPlat=&nodecount=2&edesignator=null&modelName=Cisco+ASA+Advanced+Inspection+and+Prevention+%28...

2) Go to IDM: Configuration --> Sensor Management --> Update Sensor --> upload the upgrade package from your local computer and update it.

Hope it helps.

1901
Views
0
Helpful
16
Replies
CreatePlease to create content