Determining What Traffic To Scan - Cisco PIX 500 Series Configuration Manual
Security appliance command line
Hide thumbs
Also See for PIX 500 Series:
- Administration manual (653 pages) ,
- Quick start manual (72 pages) ,
- User manual (60 pages)
Table of Contents
Advertisement
Chapter 22
Managing the AIP SSM and CSC SSM
•
To access the ASDM GUI in a supported web browser and on the Home page, click the Content Security
Step 6
tab. In ASDM, run the CSC Setup Wizard. To access the CSC Setup Wizard, choose Configuration >
Trend Micro Content Security > CSC Setup > Wizard Setup > Launch Setup Wizard. The CSC
Setup Wizard appears. For assistance with the CSC Setup Wizard, click the Help button.
Note
Step 7
On the ASA 5500 series adaptive security appliance, identify traffic to divert to the CSC SSM (see the
"Diverting Traffic to the CSC SSM" section on page
Step 8
(Optional) Review the default content security policies in the CSC SSM GUI. The default content
security policies are suitable for most implementations. Before you modify them or enter advanced
configuration settings, review the
You review the content security policies by viewing the enabled features in the CSC SSM GUI. The
availability of features depends on the license level you have purchased. By default, all features included
in the license you have purchased are enabled.
With a Base License, the features enabled by default are SMTP virus scanning, POP3 virus scanning and
content filtering, webmail virus scanning, HTTP file blocking, FTP virus scanning and file blocking,
logging, and automatic updates.
With a Plus License, the additional features enabled by default are SMTP anti-spam, SMTP content
filtering, POP3 anti-spam, URL blocking, and URL filtering.
To access the CSC SSM GUI, in ASDM choose Configuration > Trend Micro Content Security, and
then select one of the following: Web, Mail, File Transfer, or Updates. The links on these panes,
beginning with the word "Configure," open the CSC SSM GUI.
Determining What Traffic to Scan
The CSC SSM can scan FTP, HTTP, POP3, and SMTP traffic only when the destination port of the
packet requesting the connection is the well-known port for the specified protocol. The CSC SSM can
scan only the following connections:
•
•
•
•
You can choose to scan traffic for all of these protocols or any combination of them. For example, if you
do not allow network users to receive POP3 e-mail, do not configure the adaptive security appliance to
divert POP3 traffic to the CSC SSM. Instead, block this traffic.
To maximize performance of the adaptive security appliance and the CSC SSM, divert to the CSC SSM
only the traffic that you want the CSC SSM to scan. Needlessly diverting traffic that you do not want to
scan, such as traffic between a trusted source and destination, can adversely affect network performance.
OL-12172-03
If you are using NTP, verify the NTP configuration. Choose Configuration > Properties > Device
Administration > NTP.
If you are accessing ASDM for the first time, see the
Appliance Getting Started Guide
FTP connections opened to TCP port 21.
HTTP connections opened to TCP port 80.
POP3 connections opened to TCP port 110.
SMTP connections opened to TCP port 25.
for assistance with the Startup Wizard.
22-16).
Trend Micro InterScan for Cisco CSC SSM Administrator
Cisco Security Appliance Command Line Configuration Guide
Managing the CSC SSM
Cisco ASA 5500 Series Adaptive Security
Guide.
22-13
Advertisement
Table of Contents
Troubleshooting
