I have an ASA terminating the VPN clients (remote access or L2L VPN), and if I have an SSM installed on the ASA (to act as IPS), will this ASA successfully be able to perform real-time spam/virus filtering even for the encrypted traffic that is coming through the remote client VPN or client via L2L VPN? If so, is any special license also needed for the ASA?
I would suspect the module would analyze it, because it is my experience that inbound traffic on an interface is decrypted, then ACLs are applied on the decrypted traffic. And as people here have said that the IPS works post-ACL, I believe that inbound traffic is processed like this: decryption -> access control -> inspection.
However, you mention spam and I am not sure if you are talking about the IPS modules, as I had thought they did not prevent spam, although they could prevent some malicious attachments.