Cisco Systems ASA 5500 Benutzerhandbuch
C H A P T E R
9-1
Cisco ASA 5500 Series Adaptive Security Appliance Getting Started Guide
78-17611-01
9
Configuring the AIP SSM
The optional AIP SSM runs advanced IPS software that provides further security
inspection either in inline mode or promiscuous mode. The adaptive security
appliance diverts packets to the AIP SSM just before the packet exits the egress
interface (or before VPN encryption occurs, if configured) and after other firewall
policies are applied. For example, packets that are blocked by an access list are
not forwarded to the AIP SSM.
inspection either in inline mode or promiscuous mode. The adaptive security
appliance diverts packets to the AIP SSM just before the packet exits the egress
interface (or before VPN encryption occurs, if configured) and after other firewall
policies are applied. For example, packets that are blocked by an access list are
not forwarded to the AIP SSM.
If you purchased an AIP SSM, use the procedures in this chapter to:
•
Configure the adaptive security appliance to identify traffic to be diverted to
the AIP SSM
the AIP SSM
•
Session in to the AIP SSM and run setup
Note
The AIP SSM is supported in ASA software versions 7.01 and later.
This chapter includes the following sections:
•
•
AIP SSM Configuration
This procedure describes the configuration steps you must take to configure the
adaptive security appliance for AIP SSM.
adaptive security appliance for AIP SSM.