About The Csc Ssm - Cisco PIX 500 Series Configuration Manual

Security appliance command line

Hide thumbs Also See for PIX 500 Series:

Table of Contents

Managing the CSC SSM

About the CSC SSM

The ASA 5500 series adaptive security appliance supports the CSC SSM, which runs Content Security

and Control software. The CSC SSM provides protection against viruses, spyware, spam, and other

unwanted traffic by scanning the FTP, HTTP, POP3, and SMTP packets that you configure the adaptive

security appliance to send to it.

In this example, the client could be a network user who is accessing a website, downloading files from

an FTP server, or retrieving mail from a POP3 server. SMTP scans differ in that you should configure

the adaptive security appliance to scan traffic sent from the outside to SMTP servers protected by the

adaptive security appliance.

The CSC SSM can scan FTP file transfers only when FTP inspection is enabled on the adaptive security

appliance. By default, FTP inspection is enabled.

You use ASDM for system setup and monitoring of the CSC SSM. For advanced configuration of content

security policies in the CSC SSM software, you access the web-based GUI for the CSC SSM by clicking

links within ASDM. For instructions on use of the CSC SSM GUI, see the

Cisco CSC SSM Administrator

Cisco Security Appliance Command Line Configuration Guide

Getting Started with the CSC SSM, page 22-12

Determining What Traffic to Scan, page 22-13

Limiting Connections Through the CSC SSM, page 22-15

Diverting Traffic to the CSC SSM, page 22-16

illustrates the flow of traffic through an adaptive security appliance that has the following:

A CSC SSM installed and configured.

A service policy that determines what traffic is diverted to the CSC SSM for scanning.

Flow of Scanned Traffic with CSC SSM

Security Appliance

Request sent

Reply forwarded

content security scan

Request forwarded

Diverted Traffic

Managing the AIP SSM and CSC SSM

Trend Micro InterScan for

Asa 5500 series