ASA-SSM-CSC content security module

Hello

Is it possible with this module to have some users filtered (such as restricting facebook.com) and others unfiltered? I mean, is user-based filtering possible?

THX

On the ASA, you define which traffic should be sent to the CSC for analysis.

In the ACL where you define the traffic, add an entry denying the source IP addresses that you do not want filtered.

class-map CSC-C
 match access-list CSC-TRAFFIC
policy-map global_policy
 class CSC-C

CSC help

access-list CSC-TRAFFIC line 1 extended deny tcp host x.x.x.x any eq 80
access-list CSC-TRAFFIC line 2 extended permit tcp any any eq 80
access-list CSC-TRAFFIC line 3 extended permit tcp any any eq smtp

In the example above, the web traffic of x.x.x.x won't be sent to CSC...

HTH

Sushil

Tags: Cisco Security
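
The first-match behaviour of the CSC-TRAFFIC ACL in the answer above, modelled in Python as an added example (not part of the original thread and not Cisco code). The address 192.0.2.10 stands in for x.x.x.x, and the function names and the misordered variant are assumptions made for illustration.

```python
import ipaddress

ANY = ipaddress.ip_network("0.0.0.0/0")
PORTS = {"www": 80, "smtp": 25, "pop3": 110, "ftp": 21}

def parse_ace(line):
    """Parse the ASA extended-ACL subset used in the thread (tcp ... eq port)."""
    tok = line.split()
    i = tok.index("extended") + 1
    action, proto = tok[i], tok[i + 1]
    if proto != "tcp":
        raise ValueError("only tcp entries are modelled here")
    i += 2
    nets = []
    for _ in range(2):                      # source, then destination
        if tok[i] == "any":
            nets.append(ANY); i += 1
        elif tok[i] == "host":
            nets.append(ipaddress.ip_network(tok[i + 1] + "/32")); i += 2
        else:                               # "address netmask" form
            nets.append(ipaddress.ip_network(tok[i] + "/" + tok[i + 1])); i += 2
    if tok[i] != "eq":
        raise ValueError("expected 'eq <port>'")
    port = PORTS.get(tok[i + 1]) or int(tok[i + 1])
    return action, nets[0], nets[1], port

def sent_to_csc(acl_lines, src, dst, dport):
    """First matching entry wins: permit diverts the flow to the CSC, deny
    exempts it; a flow matching no entry hits the implicit deny (no scan)."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, src_net, dst_net, port in map(parse_ace, acl_lines):
        if s in src_net and d in dst_net and dport == port:
            return action == "permit"
    return False

# Constructed sample: 192.0.2.10 stands in for the thread's x.x.x.x.
CSC_TRAFFIC = [
    "access-list CSC-TRAFFIC line 1 extended deny tcp host 192.0.2.10 any eq 80",
    "access-list CSC-TRAFFIC line 2 extended permit tcp any any eq 80",
    "access-list CSC-TRAFFIC line 3 extended permit tcp any any eq smtp",
]
# Same entries with the exemption placed last: it is never reached.
MISORDERED = CSC_TRAFFIC[1:] + CSC_TRAFFIC[:1]

if __name__ == "__main__":
    for name, acl in (("as posted", CSC_TRAFFIC), ("misordered", MISORDERED)):
        for src, port in (("192.0.2.10", 80), ("192.0.2.10", 25), ("192.0.2.20", 443)):
            hit = sent_to_csc(acl, src, "198.51.100.5", port)
            print(name, src, port, "CSC" if hit else "bypass")
```

With the ACL as posted, the exempted host's SMTP traffic is still sent to the CSC because only its port 80 traffic is denied, and the exemption stops working if the deny entry is placed after the permit entries.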

Similar Questions

  • Steps to configure ASA 5500 Series Security Services Module-10 (model: ASA-SSM-10)

    Dear support,

    I need to configure Security Services Module-10 (model: ASA-SSM-10) on my ASA 5510 firewall. Could you provide the configuration steps and how to connect to the module?

    Here is the information on the module

    ciscoasa(config)# sh module 1 details
    Getting details from the Service Module, please wait...
    ASA 5500 Series Security Services Module-10
    Model: ASA-SSM-10
    Hardware version: 1.0
    Serial Number: JAF1115066U
    Firmware version: 1.0(11)2
    Software version: 1.0000 E1
    MAC Address Range: 001a.e268.5aa9 to 001a.e268.5aa9
    App. name: IPS
    App. Status: Up
    App. Status Desc:
    App. version: 1.0000 E1
    Data plane Status: Up
    Status: Up
    Mgmt IP addr: 133.1.9.144
    Mgmt web ports: 443
    Mgmt TLS enabled: true

    Your help is very much appreciated.

    Thank you

    Best regards

    Hi Sothengse,

    Please find the sample AIP SSM module configurations below. You can go through these to begin with.

    http://www.Cisco.com/c/en/us/support/docs/security/ASA-5500-x-series-NEX...

    https://www.YouTube.com/watch?v=FgYU5ZXwk4g

    Regards,

    Knockaert

  • ASA with CSC-Module

    Hello!

    I have a few questions about the user license on the CSC module.

    1. How does the CSC module count the number of users: by MAC addresses or what?

    2. How long does a user hold a license after disconnecting all sessions through the ASA?

    3. What happens when active users exceed the threshold of 500?

    / Best regards

    A user is considered to be an IP address. The number of users is a total over a period of 24 hours on all interfaces except the outside.

    You will get a notification if the CSC exceeds the user limit, and you will also experience performance issues.

    Check this link http://www.cisco.com/univercd/cc/td/doc/product/multisec/modules/cscssm/cscssm60/csc60adm/index.htm

  • Logging capability for ASA firewall using ASA-SSM-20 IPS module.

    Hello

    Please could someone give some tips on how to get the ASA-SSM-20 to log information to something like Kiwi Syslog services etc. We just need the IPS alerts to trigger the SMS/email feature that alerts the various response teams.

    Thank you

    Unfortunately, no syslog support.

    http://www.Cisco.com/en/us/products/ps6120/products_configuration_example09186a00807335ca.shtml

    You can configure rules to send SNMP traps, and you can pull events using CETS, IPS Manager Express and Cisco.

    If you have logging enabled on the ASA, a syslog message appears when the IPS is asking or blocking traffic.

    Here is a link to IPS configuration guides

    http://www.Cisco.com/en/us/products/HW/vpndevc/PS4077/tsd_products_support_configure.html

  • Centralized content with ASA filtering

    Hi all

    I was wondering if it is possible to install an ASA with a CSC-SSM-20 module and a 500-user license at the central office, integrate it with Microsoft AD, and have it function as a proxy for content filtering for remote sites and mobile users. Basically, what we need to achieve is that remote-site users authenticate with AD via VPN and, before going out to browse the web through their local ISP, pass through content filtering on the ASA at HQ.

    In this case, would all the remote-site Internet traffic need to go out through the ISP at HQ?

    Another solution is to implement content filtering with TrendMicro on 800 routers at each site, but the licensing would be very costly for the 60+ sites.

    Thanks for your suggestions.

    So from what you say, you'll have the ASA terminate your VPN for remote users, and then you want the ASA with the CSC to do the URL filtering based on AD.

    Well, that might work if all of your users' web traffic hits the ASA (U-turns on it). If you use split tunneling for web traffic, it will not work because the ASA does not see the browsing traffic.

    I hope that makes sense.

    PK

  • Does reloading an ASA-SSM affect the firewall itself?

    We lost the login information for the IPS-SSM on our ASA 5520. It seems we should re-image the module with a more recent software version. It is currently not in use, i.e. there are no rules for it on the firewall. Will this process take the firewall offline at all?

    Sh command output:

    Firewall03# show module 1

    Mod Card Type                                    Model              Serial No.
    --- -------------------------------------------- ------------------ -----------
      1 ASA 5500 Series Security Services Module-20  ASA-SSM-20         xxxxxxx

    Mod MAC Address Range                 Hw Version   Fw Version   Sw Version
    --- --------------------------------- ------------ ------------ ---------------
      1 001b.0ce2.xxxx to 001b.0ce2.xxxx  1.0          1.0(11)2     5,0000 E1

    Mod SSM Application Name           Status           SSM Application Version
    --- ------------------------------ ---------------- --------------------------
      1 IPS                            Up               5.1(5)E1

    Mod Status             Data Plane Status     Compatibility
    --- ------------------ --------------------- -------------
      1 Up                 Up

    Firewall03# show module 1 recover

    Module 1 recover parameters...
    Boot Recovery Image: No
    Image URL:           ftp://0.0.0.0/ t
    Port IP Address:     0.0.0.0
    Gateway IP Address:  0.0.0.0
    VLAN ID:             0

    No, it should not affect the operation of the firewall at all. It would be affected only if you use it inline with fail-close mode enabled.

  • Equivalent of show disk0: on ASA-SSM-10

    Hi, are you able to see the contents of the disk on an ASA-SSM-10 module, like the show disk0: command on my 5510? I know that there is an internal flash drive... Is that where the image files, configuration and software are? Can we see these files and copy them to a TFTP server?

    Cheers

    Phil

    Hi Philippe,

    You can view this content through the IPS service account. The downside is that you can access it only under TAC supervision. If you want to see the configuration, you can do a show config; if you want to see what version you are using, you can do this through the show version command.

    HTH

    Luis Silva

    "If you need PDI (planning, design, implementation) assistance, do not hesitate to contact us."

    http://www.Cisco.com/Web/partners/tools/pdihd.html

  • ASA-SSM-10 upgrade with no license or signatures

    I successfully upgraded our ASA-5510 with the latest version of the software.

    However, our ASA-SSM-10 IPS module seems to be at factory default settings, with only an IP address configured and no licenses or certificates. Can the ASA-SSM-10 module be upgraded without licenses or certificates? In addition, using PuTTY I am able to connect to the ASA-SSM-10 module and ping the module and my laptop, which I have connected via the management port. However, I am unable to ping from the laptop to the ASA-SSM-10 module.

    On further investigation, apart from the management port IP address, there is no VLAN, gateway, image URL or port IP address configured. Is there a simple way to upgrade the software on the ASA-SSM-10 without affecting our two ASA-5510s, which are configured for failover?

    I suppose I can make up a VLAN, gateway and port address to get my laptop to ping the ASA-SSM-10 module, in order to upgrade without affecting our ASA-5510s that are configured for failover.

    You can attach more licenses for the legacy IPS until April 26. But the question is whether it is worth spending time and money on this now. The legacy IPS is dead and you should focus on Firepower for IPS. But that does not work on your hardware.

  • ASA-SSM-20/40 IPS Software upgrade question

    I'm looking to upgrade the IPS modules (ASA-SSM-20 and ASA-SSM-40) on two different ASAs to version 7.1(11)E4 per this field notice:

    http://www.Cisco.com/c/en/us/support/docs/field-notices/640/fn64080.html

    My question is whether traffic through the firewall is affected during this update and the subsequent restart of the IPS module.

    On the ASAs, a service policy is in place that will allow the traffic in the case where the IPS module becomes unavailable. Is that what will actually happen during the update?

    Suggestions and comments are welcome.

    Thanks in advance.

    John

    If your IPS is inline and set to fail-open, then traffic through the ASA (assuming a standalone ASA that is not part of an HA pair) will not be affected when the IPS service module reloads.

    If an ASA is in an HA pair and a service module (ips, cxsc, or sfr) fails, it will by default trigger a failover event. (ASA 9.5 introduces the possibility to change this behavior.) The result is the same: no service interruption (although TCP connections may need to be re-established if you have not configured stateful failover).

  • ASA-SSM-20 in an active failover configuration

    Can you synchronize configuration data between two IPS systems?

    I have two ASA-SSM-20s (6.1.1 E3), one in each of my ASAs. The ASAs are in an active failover configuration. When configuring the IPS module, I always make the same changes on the standby unit as well. Is it possible to synchronize these two sensors, so that when one is configured the other is updated?

    Thank you very much

    Unlike the ASA, there is no automatic function to keep the configuration synchronized across the 2 SSMs.

    A few options:

    You can use the copy command to copy the configuration of one sensor to an ftp/scp server.

    Then use the copy command on the second sensor to copy the configuration onto the second sensor. During the copy, it will ask whether to change the IP of the sensor to what is in the configuration file. You will need to tell it NOT to change the IP of the sensor, otherwise you end up with 2 SSMs with the same IP address and will struggle to connect to them.

    Another option is to use the CSM. CSM has configuration that applies to single sensors, but also group configuration that can be applied across multiple sensors.

    If you use the group configuration, then you can make one change to the configuration of the group and apply it to all the sensors in the group (you would place your 2 SSMs in the same group).

  • ASA-SSM-40 Installation does not

    Hello

    We are trying to install a new IPS module in our existing Cisco ASA and we get:

    Module is not supported

    Please take a look at the sh ver and sh module output in the attachment.

    SSM-40 requires one of the later 8.0 or 8.2 versions on the ASA.

    Try to load the latest version of 8.0(4) on the ASA.

  • ASA-SSM-10 inspection load 100% (version 7.0(5a)E4)

    Hi all

    I have a challenge with the IPS module in an ASA5520, the ASA-SSM-10. When we start a test connecting to web servers, I get an inspection load of 100%, which slows down the traffic/performance.

    We test with 63000 sessions per minute, producing a load of 20,000 Kbps from the test servers (clients) to the web servers and 75.000 kbits/sec of traffic from the web servers back to the test servers (clients).

    Can you please advise what to do, because we cannot go live with this environment until this is fixed.

    Thanks in advance,

    Erik Verkerk.

    We have not used inspection load to determine appropriate sensor performance; instead, we have relied on the "percentage of missed packets" reported by the sensor. When the sensor gets into trouble, it begins to miss packets for inspection, which causes the sensor to wrongly determine the TCP state for some of the connections. This causes the sensor to use more resources than necessary to inspect traffic, leading to more missed packets.

    This is called the "death spiral" and we try to avoid it as much as possible.

    Cisco has a long and proud history of providing 'blue sky' performance numbers for their products. We used to cut their IPS sensor performance numbers by half, but they have made improvements over the years and now we take only about 1/3 off the reported values. You can see for yourself with real, live production traffic.

    I haven't found the number of signatures to affect sensor performance in a meaningful way unless you hit abnormally hard ones, have turned on a large number, or have tuned them to perform many actions per second.

    -Bob

  • ASA-SSM-20 IPS password reset

    Hi all

    We need to reset/recover the password; for some reason, we lost the password for the ASA-SSM-20 IPS module.

    Please let us know the procedure, as the hw-module password-reset command does not work.

    To use the hw-module password-reset command, you must have ASA 7.2.2 or a later version.

  • What is a safe add-on to download YouTube video and audio, something virus and malware free?

    What is a safe add-on to download YouTube video and audio, something virus and malware free?

    We do not really discuss add-on comparisons here, but note that all officially hosted add-on extensions on addons.mozilla.org, available from within the Firefox user interface, have been reviewed and should be safe, secure and virus-free.

    • Use the Menu button -> Add-ons -> [search all add-ons]
      (Or key in the address bar about:addons)
    • Search example (you can do a more targeted search on your own machine)

    NB. There may be legal and/or copyright issues with downloading some material, but this is out of scope of this support forum discussion.

  • AT&T changed the design of their homepage, and I liked the old one. Is there a way to create my own homepage in Firefox using modules for content that I prefer?

    AT&T changed the design of their homepage, and I liked the old one. Is there a way to create my own homepage in Firefox using modules for content that I prefer? I liked the modules which gave me a variety of sources of news, finance, sports, weather, calendar, etc... It also allowed me to use a background from my own source. Finally, it allowed me to resize the modules as I needed. I would like to be able to replace the new AT&T page with my own homepage. Thank you.

    Maybe http://www.netvibes.com/
