we have AIP-SSM-40 modeule installed on ASA 5540 but it is just physically present.
Is it possible to configure to this modeule in inline or like IDS mode? It has only one Ethernet interface. Can this interface be treated as sensor interface and mark a copy of all incoming frames on this interface ( by SPA on switches ).
Yes, the AIP-SSM can operate in either inline (IPS) or promiscuous (IDS) mode. I would recommend you start by reviewing the following config guide, which shows you how to configure the ASA to pass traffic to the SSM for inspection:
The Interface on the SSM module is ONLY for management, NOT for inspection. You must configure through the ASA the basic information for this interface (IP, Gateway), then you can manage the SSM module remotely through IMIE or your favorite management tool.. The SSM acts just like an external IPS system, but the ASA will send the traffic to/from (inline or promiscuous). The document from the other post is good information.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...