Table of Contents
Advertisement
Understanding the AIP SSM
Understanding the AIP SSM
How the AIP SSM Works with the Adaptive Security Appliance
Cisco ASA 5500 Series Getting Started Guide
13-2
This section includes the following topics:
•
How the AIP SSM Works with the Adaptive Security Appliance, page 13-2
Operating Modes, page 13-3
•
Using Virtual Sensors, page 13-4
•
The AIP SSM runs a separate application from the adaptive security appliance. It
is, however, integrated into the adaptive security appliance traffic flow. The AIP
SSM does not contain any external interfaces itself, other than a management
interface. When you identify traffic for IPS inspection on the adaptive security
appliance, traffic flows through the adaptive security appliance and the AIP SSM
in the following way:
Traffic enters the adaptive security appliance.
1.
2.
Firewall policies are applied.
Traffic is sent to the AIP SSM over the backplane.
3.
See the
"Operating Modes" section on page 13-3
sending a copy of the traffic to the AIP SSM.
The AIP SSM applies its security policy to the traffic, and takes appropriate
4.
actions.
Valid traffic is sent back to the adaptive security appliance over the
5.
backplane; the AIP SSM might block some traffic according to its security
policy, and that traffic is not passed on.
VPN policies are applied (if configured).
6.
Traffic exits the adaptive security appliance.
7.
Figure 13-1
shows the traffic flow when running the AIP SSM in inline mode. In
this example, the AIP SSM automatically blocks traffic that it identified as an
attack. All other traffic is forwarded through the adaptive security appliance.
Chapter 13
Configuring the AIP SSM
for information about only
78-19186-01
Hide quick links:
Advertisement
Table of Contents
