There doesn't seem to be alot of in-depth technical material on this device and how it actually operates. Here is what I came across with it recently....
I have 2 e-mail servers on the inside, trying to get anti-virus updates. Each time they fail. I have web filtering thru the CSC going outbound and from the inside interface. I have e-mail filtering thru the CSC coming in from the outside interface. When I look at the TrendMicro GUI traffic counters, nothing was shown as filtered or blocked. When I did a packet capture off the ASA it showed a conversation between the e-mail server and the outside host going back n forth, but then it stops..a SYN timeout! Although the outside host still attempts to contact the inside mail server and is denied by the ACL. When I put a "deny" on the ACL associated with sending traffic to the CSC, for the outside IP, updates work. Why doesn't the Trend software update if it's scanning this file/traffic? What did the CSC do to cause the SYN timeout?
I think your problem is based upon how the CSC scans files. It is trying to get the whole file into memory before its evaluation. To bypass this you can go into the CSC and look at the deferred scanning settings...
for example under http scanning check that the action on larger files is set to deliver and enable deferred scanning for files larger than, say 10MB and see what it does.
Robert, I have to agree, there is little to no useful docs around about this particular card. What version of code is on the module? I would get that upgraded when you can. The 6.2 code allows for more performance. I would also turn all functionality off, not even passing any traffic to the CSC module, then turn a little on at a time. The card just has performance problems and it is just easier to start with nothing and turning things on bit by bit.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :