Cisco Systems ASA 5540 Network Router User Manual


  Open as PDF
of 2086
 
64-8
Cisco ASA 5500 Series Configuration Guide using ASDM
Chapter 64 Configuring the ASA CSC Module
Configuring the CSC SSM
If you manually control time settings, verify the clock settings, including time zone. Choose
Configuration > Properties > Device Administration > Clock.
If you are using NTP, verify the NTP configuration. Choose Configuration > Properties > Device
Administration > NTP.
Step 6 Open ASDM.
Step 7 Connect to and log in to the CSC SSM. For instructions, see the “Connecting to the CSC SSM” section
on page 64-8.
Step 8 Run the CSC Setup Wizard.
To access the CSC Setup Wizard, choose Configuration > Trend Micro Content Security > CSC
Setup > Wizard Setup > Launch Setup Wizard.
If you are rerunning the CSC Setup Wizard, perform the same step listed in the previous bullet.
The CSC Setup Wizard appears.
Step 9 Complete the CSC Setup Wizard, which includes configuration of service policies to divert traffic that
you want scanned to the CSC SSM.
Note If you create a global service policy to divert traffic for CSC scans, all traffic (inbound and
outbound) for the supported protocols is scanned. To maximize performance of the ASA and the
CSC SSM, scan traffic only from untrusted sources.
Step 10 To reduce the load on the CSC SSM, configure the service policy rules that send packets to the CSC SSM
to support only HTTP/HTTPS, SMTP, POP3, or FTP traffic. For instructions, see the “Determining
Service Policy Rule Actions for CSC Scanning” section on page 64-9.
Step 11 (Optional) Review the default content security policies in the CSC SSM GUI, which are suitable for most
implementations. You review the content security policies by viewing the enabled features in the CSC
SSM GUI. For the availability of features, see the “Licensing Requirements for the CSC SSM” section
on page 64-5. For the default settings, see the “Default Settings” section on page 64-6.
What to Do Next
See the “Connecting to the CSC SSM” section on page 64-8.
Connecting to the CSC SSM
With each session you start in ASDM, the first time you access features related to the CSC SSM, you
must specify the management IP address and provide the password for the CSC SSM. After you
successfully connect to the CSC SSM, you are not prompted again for the management IP address and
password. If you start a new ASDM session, the connection to the CSC SSM is reset and you must
specify the IP address and the CSC SSM password again. The connection to the CSC SSM is also reset
if you change the time zone on the ASA.
Note The CSC SSM has a password that is maintained separately from the ASDM password. You can
configure the two passwords to be identical, but changing the CSC SSM password does not affect the
ASDM password.