Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ASA Content Security SSM-10

Let say I have following scenario:

I have a s pair of Cisco A5520 Firewall running in HA Active Passive mode.

In the firewall, I have configured Remote Access VPN, allow my users to VPN to the firewall and access servers inside Internal network.

If I will to purchase ASA Content Security SSM-10, will it protect my internal servers from virus in vpn users' labtop, if the users labtop is affected by virus?

Split tunneling is disabled when users login to vpn. If I will to implement SSM-10, will I be able to block certain URL that I don't want my users to access?

I understand that VPN traffic is encrypted, such that nature of the traffic cannot be determined. Encryption should stop at firewall and further traffic should not be encrypted. Will this un-encrypted traffic being scan by CSC SSM-10?

This setup is different from normal deployment of CSC SSM, where users are behind ASA Firewall. In this case, users are outside firewall and their traffic are VPN traffic to internal servers.

Any help will be much appreciated.

  • Other Security Subjects
Everyone's tags (2)