Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

AIP or CSC SSM

We've got an ASA 5510 and we're moving to get all our remote users on the SSL/VPN option with this.

However, we'd like to be protected 100% from any remote client that manages to get themselves a virus before connecting to us remotely.

I've been reading on both the AIP and CSC SSM's, but I can't quite distinguish the difference between them. It sounds like they both scan for viruses and other malicious traffic. What's the difference of the two?

Also, we use an internal Trend Micro proxy server for scanning our users internet traffic. It sound like one of these modules (or maybe both can) actually take over this role. Can someone who is using this virus scanning/url-blocking feature on the asa give me an idea on how detail rich the configuration options are? Is it very basic, just plug it in and one simple configuration, or is there a plethora of options for detailed configuration?

Thanks for any info!

(I'm still reading so hopefully I'll have a good grasp on this here soon)

1 REPLY
New Member

Re: AIP or CSC SSM

Hi Snooter,

The CSC Module is a small TrendMicro Appliance that scans your Http (and Email?) traffic inline. This appliance might save you a proxy server. The AIP-SSM is a full blown Intrusion Prevention System that monitors the firewall traffic via its IPS signatures. You should have additional monitoring or correlation software (like Cisco MARS or Prelude/Prewikka) to help you manage and interpret your IPS data.

Regards

Robert

143
Views
0
Helpful
1
Replies