Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Getting Started: ASA5520 w/ AIP-SSM

I'm in the process of deploying an ASA5520 to a client. I've no problems with the firewall piece of the implementation, but I don't know where to start with the IPS piece.

I've searched quite a bit about the ASA55XX & AIP-SSM, but can't seem to find much about what to do with the AIP-SSM beyond the initial configuration.

Can someone point me to some beginner IPS documentation that's focused on the AIP-SSM?

Thanks,

Jeff

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Re: Getting Started: ASA5520 w/ AIP-SSM

I believe there is a lack of documentation on how to get the IPS module to work with the ASA. It would be nice if there was a single document on how to get the IPS module working with the ASA.

Start with the IPS documentation. This is just on how to configure the IPS module itself. Give it a management IP address, set the admin password, etc.

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/csids12/index.htm

Then, go to the ASA documentation on how to configure the ASA to send traffic to the IPS (via a service-policy):

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/csids11/cliguide/clissm.htm#wp1033926

There is a free IPS Event Viewer that Cisco offers to monitor events on the IPS. It can be downloaded from the Cisco IPS Software download page.

Finally, read the SAFE whitepaper on IPS deployment and tuning.

http://www.cisco.com/en/US/netsol/ns340/ns394/ns171/ns128/networking_solutions_white_paper09186a00801bc111.shtml

Hope this helps. Please remember to rate useful posts. Thanks!

1 REPLY
New Member

Re: Getting Started: ASA5520 w/ AIP-SSM

I believe there is a lack of documentation on how to get the IPS module to work with the ASA. It would be nice if there was a single document on how to get the IPS module working with the ASA.

Start with the IPS documentation. This is just on how to configure the IPS module itself. Give it a management IP address, set the admin password, etc.

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/csids12/index.htm

Then, go to the ASA documentation on how to configure the ASA to send traffic to the IPS (via a service-policy):

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/csids11/cliguide/clissm.htm#wp1033926

There is a free IPS Event Viewer that Cisco offers to monitor events on the IPS. It can be downloaded from the Cisco IPS Software download page.

Finally, read the SAFE whitepaper on IPS deployment and tuning.

http://www.cisco.com/en/US/netsol/ns340/ns394/ns171/ns128/networking_solutions_white_paper09186a00801bc111.shtml

Hope this helps. Please remember to rate useful posts. Thanks!

138
Views
15
Helpful
1
Replies
CreatePlease login to create content