Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Trend Micro InterScan CSC SSM Reporting

I replaced a SonicWall 4060 Pro with dual Cisco ASA 5520s and the CSC SSM modules. I need to know how to run web usage reports on all HTTP traffic. Right now I can only find violation reports through Control Manager, which I am currently evaluating. I'm not interested in the threat, spam, spyware reports. I want to know what traffic is passing through the firewall and be able to match the traffic with an internal IP address if my HR department requests it.

Any and all information is appreciated!

1 REPLY
Cisco Employee

Re: Trend Micro InterScan CSC SSM Reporting

This is currently not supported on the CSC module itself - it will only log denied flows.

There are a number of options available to determine what IP addresses access devices outside the ASA. You can monitor the connection syslogs - this will not provide the hostname on the outside but will provide the inside IP address, the translation, and destination IP address. If you enable 'inspect http', this command will create a syslog with each URL access (however, enabling this feature may have adverse effects on some websites). Implementing NetFlow (available in ASA version 8.2) will give you the ability to more easily watch flows.

331
Views
0
Helpful
1
Replies