Information about management access, Figure 58-3 – Cisco ASA 5505 User Manual

Page 1224

Advertising
background image

58-4

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 58 Configuring the ASA IPS Module

Information About the ASA IPS module

Figure 58-3

Security Contexts and Virtual Sensors

Figure 58-4

shows a single mode ASA paired with multiple virtual sensors (in inline mode); each defined

traffic flow goes to a different sensor.

Figure 58-4

Single Mode ASA with Multiple Virtual Sensors

Information About Management Access

You can manage the IPS application using the following methods:

Sessioning to the module from the ASA—If you have CLI access to the ASA, then you can session
to the module and access the module CLI. See the

“Sessioning to the Module from the ASA” section

on page 58-9

.

Connecting to the IPS management interface using ASDM or SSH—After you launch ASDM on the
ASA, ASDM connects to the module management interface to configure the IPS application. For
SSH, you can access the module CLI directly on the module management interface. (Telnet access
requires additional configuration in the module application). The module management interface can
also be used for sending syslog messages or allowing updates for the module application, such as
signature database updates. See the

“Connecting Management Interface Cables” section on

page 58-7

.

See the following information about the management interface:

ASA

Main System

IPS

Sensor

1

Context

1

Context

2

Context

3

Sensor

2

251

160

Sensor

1

Sensor

2

Sensor

3

ASA

Main System

IPS

Traffic 1

Traffic 2

Traffic 3

251

159

Advertising