Filter
Top Products
32-2
Cisco ASA Series Firewall ASDM Configuration Guide
Chapter 32 Configuring the ASA CSC Module
Information About the CSC SSM
Figure 32-1 Flow of Scanned Traffic with the CSC SSM
You use ASDM for system setup and monitoring of the CSC SSM. For advanced configuration of content
security policies in the CSC SSM software, you access the web-based GUI for the CSC SSM by clicking
links within ASDM. The CSC SSM GUI appears in a separate web browser window. To access the CSC
SSM, you must enter the CSC SSM password. To use the CSC SSM GUI, see the Cisco Content Security
and Control SSM Administrator Guide.
Note ASDM and the CSC SSM maintain separate passwords. You can configure their passwords to be
identical; however, changing one of these two passwords does not affect the other password.
The connection between the host running ASDM and the ASA is made through a management port on
the ASA. The connection to the CSC SSM GUI is made through the SSM management port. Because
these two connections are required to manage the CSC SSM, any host running ASDM must be able to
reach the IP address of both the ASA management port and the SSM management port.
Figure 32-2 shows an ASA with a CSC SSM that is connected to a dedicated management network.
While use of a dedicated management network is not required, we recommend it. In this configuration,
the following items are of particular interest:
• An HTTP proxy server is connected to the inside network and to the management network. This
HTTP proxy server enables the CSC SSM to contact the Trend Micro Systems update server.
• The management port of the ASA is connected to the management network. To allow management
of the ASA and the CSC SSM, hosts running ASDM must be connected to the management network.
• The management network includes an SMTP server for e-mail notifications for the CSC SSM and a
syslog server to which the CSC SSM can send syslog messages.
148386
ASA
Main System
Request sent
Client
Reply forwarded
inside
modular
service
policy
Request forwarded
Reply sent
CSC SSM
Serve
r
Diverted Traffic
content security scan
outside