Cisco Systems ASA 5500 Manual De Usuario

This section includes the following topics: 

Configuring the AIP SSM is a three-part process that involves configuration of the 
adaptive security appliance first, then configuration of the AIP SSM, and then the 
configuration of the IPS software:

On the ASA 5500 series adaptive security appliance, identify traffic to divert 
to the AIP SSM (as described in the 

On the AIP SSM, configure the inspection and protection policy, which 
determines how to inspect traffic and what to do when an intrusion is 
detected. 

Configure the IPS software that runs on the AIP SSM. Information about the 
IPS software is beyond the scope of this document. Detailed information 
about IPS software configuration is available in the following separate 
documentation that came with your IPS product:

You use MPF (Modular Policy Framework) commands to configure the adaptive 
security appliance to divert traffic to the AIP SSM. This procedure provides 
sufficient information to configure a simple set of policies in an AIP SSM 
deployment. If you want to create a more complex set of policies, read the 
Modular Policy Framework chapter in Cisco Security Appliance Command Line 
Configuration Guide which introduces Modular Policy Framework concepts and 
common commands.