Connecting to the csc ssm, Step 6 – Cisco ASA 5505 User Manual

Page 1276

Advertising
background image

60-8

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 60 Configuring the ASA CSC Module

Configuring the CSC SSM

If you manually control time settings, verify the clock settings, including time zone. Choose
Configuration > Properties > Device Administration > Clock.

If you are using NTP, verify the NTP configuration. Choose Configuration > Properties > Device
Administration > NTP
.

Step 6

Open ASDM.

Step 7

Connect to and log in to the CSC SSM. For instructions, see the

“Connecting to the CSC SSM” section

on page 60-8

.

Step 8

Configure service policies to divert traffic that you want scanned to the CSC SSM. For instructions, see
the

“Diverting Traffic to the CSC SSM” section on page 60-10

.

Step 9

Run the CSC Setup Wizard.

To access the CSC Setup Wizard, choose Configuration > Trend Micro Content Security > CSC
Setup > Wizard Setup > Launch Setup Wizard
.

If you are rerunning the CSC Setup Wizard, perform the same step listed in the previous bullet.

The CSC Setup Wizard appears.

Step 10

Complete the CSC Setup Wizard.

Note

If you create a global service policy to divert traffic for CSC scans, all traffic (inbound and
outbound) for the supported protocols is scanned. To maximize performance of the ASA and the
CSC SSM, scan traffic only from untrusted sources.

Step 11

To reduce the load on the CSC SSM, configure the service policy rules that send packets to the CSC SSM
to support only HTTP/HTTPS, SMTP, POP3, or FTP traffic.

Step 12

(Optional) Review the default content security policies in the CSC SSM GUI, which are suitable for most
implementations. You review the content security policies by viewing the enabled features in the CSC
SSM GUI. For the availability of features, see the

“Licensing Requirements for the CSC SSM” section

on page 60-5

. For the default settings, see the

“Default Settings” section on page 60-6

.

What to Do Next

See the

“Connecting to the CSC SSM” section on page 60-8

.

Connecting to the CSC SSM

With each session you start in ASDM, the first time you access features related to the CSC SSM, you
must specify the management IP address and provide the password for the CSC SSM. After you
successfully connect to the CSC SSM, you are not prompted again for the management IP address and
password. If you start a new ASDM session, the connection to the CSC SSM is reset and you must
specify the IP address and the CSC SSM password again. The connection to the CSC SSM is also reset
if you change the time zone on the ASA.

Note

The CSC SSM has a password that is maintained separately from the ASDM password. You can
configure the two passwords to be identical, but changing the CSC SSM password does not affect the
ASDM password.

Advertising