Showing results for 
Search instead for 
Did you mean: 


What are the limitation of the 4 Port Gigabit ethernet Security Service Module (4GE SSM)?

I was wondering if anyone can help me out. I am trying to create a redundancy topology which require several connections to an ASA 5510. I am looking at extending the connections to my ASA 5510 appliance with the four port gig ethernet security module (4GE SSM). I am trying to find out what the limitations are on this particular module.

I have heard that there might be limitations to the 4GE SSM. Such as the interfaces on this module might process data separately from the ASA 5510 appliance. My question is does the ASA four port gig ethernet security module (4GE SSM) interfaces act as a extension of the ASA 5510 appliance or does it process and filter data separate from the ASA 5510 appliance ?

My concerns are that the 4GE SSM does not utilize all the security features of the ASA 5510 appliance, and that it just separates traffic into security zones. I interpret that to mean that each interface can be placed in a separate security level in which case has a separate security algorithm and uses the security level to force security policies. Nothing more.

My second question if relevant would be what are the limitations?

Thank you for your help on this topic.


Marvin Rhoads
Hall of Fame Guru

The 4GE SSM just gives you the four additional ports. It doesn't increase the processing capacity of the 5510 (a relatively low end box whose replacement - the 5515X -  has been out since this past spring). It works off the same configuration script and CPU as all the built-in ports.

The only limitation I can think of off the top of my head is that members of an Etherchannel cannot span the SSM and the built-in ports.

Content for Community-Ad