There's a mobile version of our website.
HI Experts ,
Can you please give me an idea about what this IPS/IDS module for ASA 5505 is ?
How much does it cost ? How do I install it and configure it to work with ASA 5505 ?
We also have a few site to site VPN setup from ASA 5505 . Would this affect it in someway ?
Many Thanks ,
The SSC-5 module is a small (and I mean is has HALF the ram of a regular ISP Sensor) IPS Sensor module that fits inside the ASA5505 chassis. Because of the limited heat dissipation abilities of the ASA5505, they couldn'tt afford to give it more ram. Here is the spec sheet on it:
The SSC-5 module has it's own processor and (IPS) OS, so it should not effect the VPN features you use in your ASA today. Here is how to install it:
And how to configure it:
Hi Bob ,
Thanks you for providing the information . But I am unable to view them as I don 't have a partner privllege Cisco ID !
Would I have to change the current internet connection from ASA outside interface to some port on the IDS/IPS module ?
I have also heard IDS/IPS won 't be able to detect threats on encrypted traffic like VPN traffic and VPNs will have to be terminated before the IDS/IPS module . Can you also please provide your thoughts on this ?
You should be able to find the links I provided for you with a general search on Cisco's website for "ssc-5" and "installation" and "configure".
No, you would still have the ASA terminate the Internet access. You want to have the SSC-5 (IPS) module monitor the INSIDE interfaces, (you always want to perform IDS/IPS on the inside of a firewall). This way you will see the traffic after it has been decrypted on your VPN and after the traffic has been filtered by your firewall rules.
Hi Bob ,
Thank you so much for briefing me on IPS/IDS module. It was indeed helpful . I think I now have an idea about it to get it started off and implement it in our network .
Login to share your discussion activity with your friends on Facebook. You can control what you share and turn off sharing anytime.
Your Facebook friends can now see that you have started this discussion
Your Facebook friends can now see that you have commented on this discussion
Your Facebook friends can now see that you have read this discussion