https://community.cisco.com/t5/network-security/configuration-synchronization-csc-ssm/m-p/1051574#M893670 <HTML><HEAD></HEAD><BODY><P></P><P>Don't you think it is unsafe to access the Trend Server on the internet through the inside network. </P><P></P><P>What kind of security policies, access-list have you configured to block any unwanted traffic such viruses, attack from outside as you would have opened access to internet from inside network for trend updates.</P></BODY></HTML> Wed, 12 Nov 2008 16:26:57 GMT new_networker 2008-11-12T16:26:57Z https://community.cisco.com/t5/network-security/configuration-synchronization-csc-ssm/m-p/1051572#M893668 <P></P><P>For failover settings, should the primary and secondary peer IP address be the ASA mgmt IP or the CSC-SSM mgmt IP. </P><P></P><P>Regards. </P> Mon, 11 Mar 2019 14:12:17 GMT https://community.cisco.com/t5/network-security/configuration-synchronization-csc-ssm/m-p/1051572#M893668 new_networker 2019-03-11T14:12:17Z https://community.cisco.com/t5/network-security/configuration-synchronization-csc-ssm/m-p/1051573#M893669 <HTML><HEAD></HEAD><BODY><P>Hi, </P><P>do you mean failover for the ASA's or the CSC Modules?</P><P></P><P>If the CSC modules, the way i have them configured is on the same IP as the inside network (to access the trend server for updates). When I tried to put the CSC on the Management interface on a diff subnet, i found that the CSC modules could not connect to the net for the updates. According to TAC, there are no issues in putting the CSC modules on the inside network.</P><P></P><P>HTH.</P><P>please rate if useful</P></BODY></HTML> Wed, 12 Nov 2008 15:37:20 GMT https://community.cisco.com/t5/network-security/configuration-synchronization-csc-ssm/m-p/1051573#M893669 SOL10 2008-11-12T15:37:20Z https://community.cisco.com/t5/network-security/configuration-synchronization-csc-ssm/m-p/1051574#M893670 <HTML><HEAD></HEAD><BODY><P></P><P>Don't you think it is unsafe to access the Trend Server on the internet through the inside network. </P><P></P><P>What kind of security policies, access-list have you configured to block any unwanted traffic such viruses, attack from outside as you would have opened access to internet from inside network for trend updates.</P></BODY></HTML> Wed, 12 Nov 2008 16:26:57 GMT https://community.cisco.com/t5/network-security/configuration-synchronization-csc-ssm/m-p/1051574#M893670 new_networker 2008-11-12T16:26:57Z https://community.cisco.com/t5/network-security/configuration-synchronization-csc-ssm/m-p/1051575#M893671 <HTML><HEAD></HEAD><BODY><P>no its not unsafe. by default on an ASA, all incoming traffic is blocked unless allowed by an ACL. </P><P></P><P>When an inside server initiates a connection to a server on the internet, the return traffic is classed as safe and allowed through. </P><P></P><P>HTH</P></BODY></HTML> Thu, 13 Nov 2008 10:28:32 GMT https://community.cisco.com/t5/network-security/configuration-synchronization-csc-ssm/m-p/1051575#M893671 SOL10 2008-11-13T10:28:32Z