CHAPTER
32-1
Cisco ASA Series Firewall CLI Configuration Guide
32
Configuring the ASA CSC Module
This chapter describes how to configure the Content Security and Control (CSC) application that is
installed in a CSC SSM in the ASA.
This chapter includes the following sections:
• Information About the CSC SSM, page 32-1
• Licensing Requirements for the CSC SSM, page 32-5
• Prerequisites for the CSC SSM, page 32-5
• Guidelines and Limitations, page 32-6
• Default Settings, page 32-6
• Configuring the CSC SSM, page 32-7
• Monitoring the CSC SSM, page 32-13
• Troubleshooting the CSC Module, page 32-14
• Configuration Examples for the CSC SSM, page 32-17
• Additional References, page 32-18
• Feature History for the CSC SSM, page 32-19
Information About the CSC SSM
Some ASA models support the CSC SSM, which runs Content Security and Control software. The CSC
SSM provides protection against viruses, spyware, spam, and other unwanted traffic by scanning the
FTP, HTTP/HTTPS, POP3, and SMTP packets that you configure the ASA to send to it.
For more information about the CSC SSM, see the following URL:
http://www.cisco.com/en/US/products/ps6823/index.html
Figure 32-1 shows the flow of traffic through an ASA that has the following:
• A CSC SSM installed and configured.
• A service policy that determines what traffic is diverted to the CSC SSM for scanning.
In this example, the client could be a network user who is accessing a website, downloading files from
an FTP server, or retrieving mail from a POP3 server. SMTP scans differ in that you should configure
the ASA to scan traffic sent from the outside to SMTP servers protected by the ASA.