Solved: ASA 5510 license

Miroslav Georgiev · ‎03-18-2011

ASA-CSC10-LIC ASA 5500 Series Content Security SSM-10 Software License
ASA-CSC10-PLUS ASA 5500 CSC SSM10 Plus Lic. (Spam/URL/Phish, 1Yr Subscript)
ASA-CSC10-USR-100 ASA 5500 Content Security SSM-10 100 User License

With these licenses can we manually chose which mailboxes to protect if we have internal mail server

and all the mail traffic is going ot only one ip ?

padatta · ‎03-19-2011

Hi,

Unfortunately we cannot specify this on CSC. As a workaround, we can deny the addresses on ASA for which you don't need SMTP inspection on CSC and permit the rest.

If the first 100 licenses are consumed, you'll start getting license errors on CSC. However, none of the connections will be dropped.

This CSC SSM sizing guide might be helpful.

http://www.cisco.com/en/US/partner/prod/collateral/vpndevc/ps6032/ps6094/ps6120/prod_white_paper0900aecd805c3cd6_ps9774_Products_White_Paper.html

Paps

View solution in original post

padatta · ‎03-18-2011

Hi,

Following are the criteria you can filter smtp traffic.

. Message/attachment size.

. Attachment type/name.

. Compressed file handling.

. File scanning/spyware/grayware

. spam (you can have approved/blocked sender list).

Paps

Miroslav Georgiev · ‎03-18-2011

If I have for example 120 mboxes and only license for 100.

Can I specify which 100 mboxes to be scanned or what will happen when the limit is reached ?

padatta · ‎03-19-2011

Hi,

Unfortunately we cannot specify this on CSC. As a workaround, we can deny the addresses on ASA for which you don't need SMTP inspection on CSC and permit the rest.

If the first 100 licenses are consumed, you'll start getting license errors on CSC. However, none of the connections will be dropped.

This CSC SSM sizing guide might be helpful.

http://www.cisco.com/en/US/partner/prod/collateral/vpndevc/ps6032/ps6094/ps6120/prod_white_paper0900aecd805c3cd6_ps9774_Products_White_Paper.html

Paps

Miroslav Georgiev · ‎03-19-2011

That's what I needed. Thank you.