02-28-2008 08:24 PM - edited 03-10-2019 04:01 AM
First time am here so plz forgive me if there is any mistakes from my side.
I want to implement Itrusion Prevention and Anti X features in a network, i prefer ASA and SSM modules, how can i install it successfully, is it possible in single ASA device otherwise how can i connet two ASAs to meet the purpose.
Thank You
03-07-2008 08:34 AM
You can use both AIP-SSM and CSC-SSM together on an ASA 5550. Following links may help you
http://www.cisco.com/en/US/docs/security/asa/asa80/getting_started/asa5500/quick/guide/cscssm.html
http://www.cisco.com/en/US/docs/security/ips/5.1/configuration/guide/cli/cliSSM.html
03-08-2008 06:47 AM
Hello,
That's incorrect.
Considering you want ASA technology, two appliances are needed.The first with AIP and the second with CSC.
AIP-SSM and CSC-SSM are slotable in ASA 5510, 5520 and 5540.
Thanks.
03-17-2008 10:55 PM
Hello Sir,
I need both AIP-SSM and CSC-SSM together in a network, it is not possible to insert both in a single divice, isn't it? So i have to use two ASAs right ? So my question is how can i connet both the devices physically in a network, i need to pass the traffice from one to another...
Thank U
03-19-2008 04:04 AM
Why don't you choose one ASA with CSC-SSM for Anti-X functions as Firewall.
For deeper Packet-Inspection i can recommend a seperate IPS-System, for example a prodoct of the Cisco IPS 4200 family.
You can work with SPAN (Switched Port Analyzer) on the Perimeter Switches for sending traffic to the IPS-System before entering the local network.
Traffic-Map:
Outside <-> ASA w. CSC <-> IPS <-> Local Network
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: