Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
904
Views
0
Helpful
2
Replies

Configuring AIP-SSM modelue

bapatsubodh
Level 1
Level 1

‎08-20-2009 11:36 AM - edited ‎03-10-2019 04:44 AM

hi,

we have AIP-SSM-40 modeule installed on ASA 5540 but it is just physically present.

Is it possible to configure to this modeule in inline or like IDS mode? It has only one Ethernet interface. Can this interface be treated as sensor interface and mark a copy of all incoming frames on this interface ( by SPA on switches ).

Please share the experience.

Thanks in advance.

Subodh

Labels:
0 Helpful
2 Replies 2

robertson.michael
Level 3
Level 3

‎08-21-2009 10:08 AM

Hi Subodh,

Yes, the AIP-SSM can operate in either inline (IPS) or promiscuous (IDS) mode. I would recommend you start by reviewing the following config guide, which shows you how to configure the ASA to pass traffic to the SSM for inspection:

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00807335ca.shtml

If you have any other specific questions, feel free to post back.

Hope that helps.

-Mike

0 Helpful

rsmith
Level 3
Level 3

‎09-15-2009 07:45 AM

The Interface on the SSM module is ONLY for management, NOT for inspection. You must configure through the ASA the basic information for this interface (IP, Gateway), then you can manage the SSM module remotely through IMIE or your favorite management tool.. The SSM acts just like an external IPS system, but the ASA will send the traffic to/from (inline or promiscuous). The document from the other post is good information.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card