Filter
Top Products
28-4
Cisco ASDM User Guide
OL-16647-01
Chapter 28 Configuring IPS
AIP SSM Overview
Figure 28-3 Security Contexts and Virtual Sensors
Figure 28-4 shows a single mode security appliance paired with multiple virtual sensors (in inline
mode); each defined traffic flow goes to a different sensor.
Figure 28-4 Single Mode Security Appliance with Multiple Virtual Sensors
AIP SSM Procedure Overview
Configuring the AIP SSM is a process that includes configuration of the AIP SSM and then configuration
of the ASA 5500 series adaptive security appliance:
1. From ASDM, launch IDM. See the “Accessing IDM from ASDM” section on page 28-5. ASDM
uses IDM to configure the AIP SSM.
2. In IDM, configure the inspection and protection policy, which determines how to inspect traffic and
what to do when an intrusion is detected. Configure the inspection and protection policy for each
virtual sensor if you want to run the AIP SSM in multiple sensor mode. See the “Configuring the
AIP SSM Security Policy in IDM” section on page 28-5.
3. Using ASDM on the ASA 5500 series adaptive security appliance in multiple context mode, specify
which IPS virtual sensors are available for each context (if you configured virtual sensors). See the
“Assigning Virtual Sensors to Security Contexts” section on page 28-5.
Security Appliance
Main System
AIP SSM
Sensor
1
Context
1
Context
2
Context
3
Sensor
2
191316
Sensor
1
Sensor
2
Sensor
3
Security Appliance
Main System
AIP SSM
Traffic 1
Traffic 2
Traffic 3
191315