55-6
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 55 Configuring the Content Security and Control Application on the CSC SSM
Guidelines and Limitations
–
The CSC SSM management port IP address, netmask, and gateway IP address.
–
DNS server IP address.
–
HTTP proxy server IP address (needed only if your security policies require the use of a proxy
server for HTTP access to the Internet).
–
Domain name and hostname for the CSC SSM.
–
An e-mail address and an SMTP server IP address and port number for e-mail notifications.
–
IP addresses of hosts or networks that are allowed to manage the CSC SSM. The IP addresses
for the CSC SSM management port and the adaptive security appliance management interface
can be in different subnets.
–
Password for the CSC SSM.
Guidelines and Limitations
This section includes the guidelines and limitations for this feature.
Context Mode Guidelines
Supported in single and multiple context modes.
Firewall Mode Guidelines
Supported in routed and transparent modes.
Failover Guidelines
Does not support sessions in Stateful Failover. The CSC SSM does not maintain connection information,
and therefore cannot provide the failover unit with the required information. The connections that a CSC
SSM is scanning are dropped when the adaptive security appliance in which the CSC SSM is installed
fails. When the standby adaptive security appliance becomes active, it forwards the scanned traffic to the
CSC SSM and the connections are reset.
IPv6 Guidelines
Does not support IPv6.
Model Guidelines
Supported on the ASA 5510, ASA 5520, and ASA 5540 only.
Default Settings
Table 55-1 lists the default settings for the CSC SSM.
Table 55-1 Default CSC SSM Parameters
Parameter Default
FTP inspection on the adaptive security appliance Enabled
All features included in the license(s) that you
have purchased
Enabled
To Next Page
Loading...
Need help?
General
