Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ASA 5505 IPS/IDS Module

HI Experts ,

Can you please give me an idea about what this IPS/IDS module for ASA 5505 is ?

How much does it cost ? How do I install it and configure it to work with ASA 5505 ?

We also have a few site to site VPN setup from ASA 5505 . Would this affect it in someway ?

Many Thanks ,

Anup

Regards, Anup Don't forget to rate if you found this helpful !
Everyone's tags (3)
1 ACCEPTED SOLUTION

Accepted Solutions
Gold

ASA 5505 IPS/IDS Module

Anup -

You should be able to find the links I provided for you with a general search on Cisco's website for "ssc-5" and "installation" and "configure".

No, you would still have the ASA terminate the Internet access. You want to have the SSC-5 (IPS) module monitor the INSIDE interfaces, (you always want to perform IDS/IPS on the inside of a firewall). This way you will see the traffic after it has been decrypted on your VPN and after the traffic has been filtered by your firewall rules.

- Bob

4 REPLIES
Gold

ASA 5505 IPS/IDS Module

The SSC-5 module is a small (and I mean is has HALF the ram of a regular ISP Sensor) IPS Sensor module that fits inside the ASA5505 chassis. Because of the limited heat dissipation abilities of the ASA5505, they couldn'tt afford to give it more ram. Here is the spec sheet on it:

http://www.cisco.com/en/US/partner/prod/collateral/vpndevc/ps6032/ps6094/ps6120/product_bulletin_c25-528621.html

The SSC-5 module has it's own processor and (IPS) OS, so it should not effect the VPN features you use in your ASA today. Here is how to install it:

http://www.cisco.com/en/US/partner/docs/security/ips/6.2/installation/guide/hw_installing_ssc.html

And how to configure it:

http://www.cisco.com/en/US/partner/docs/security/ips/6.2/configuration/guide/cli/cli_ssc.html

- Bob

New Member

ASA 5505 IPS/IDS Module

Hi Bob ,

Thanks you for providing the information . But I am unable to view them as I don 't have a partner privllege Cisco ID !

Would I have to change the current internet connection from ASA outside interface to some port on the IDS/IPS module ?

I have also heard IDS/IPS won 't be able to detect threats on encrypted traffic like VPN traffic and VPNs will have to be terminated before the IDS/IPS module . Can you also please provide your thoughts on this ?

Thanks ,

Anup

Regards, Anup Don't forget to rate if you found this helpful !
Gold

ASA 5505 IPS/IDS Module

Anup -

You should be able to find the links I provided for you with a general search on Cisco's website for "ssc-5" and "installation" and "configure".

No, you would still have the ASA terminate the Internet access. You want to have the SSC-5 (IPS) module monitor the INSIDE interfaces, (you always want to perform IDS/IPS on the inside of a firewall). This way you will see the traffic after it has been decrypted on your VPN and after the traffic has been filtered by your firewall rules.

- Bob

New Member

ASA 5505 IPS/IDS Module

Hi Bob ,

Thank you so much for briefing me on IPS/IDS module. It was indeed helpful . I think I now have an idea about it to get it started off and implement it in our network .

Regards,

Anup

Regards, Anup Don't forget to rate if you found this helpful !
12164
Views
5
Helpful
4
Replies