Cisco Systems ASA 5500 Benutzerhandbuch

To simplify the initial configuration process, this procedure creates a global 
service policy that diverts all traffic for the supported protocols to the CSC SSM, 
both inbound and outbound. Because scanning all traffic coming through the 
adaptive security appliance may reduce the performance of the adaptive security 
appliance and the CSC SSM, you may want to revise this security policy later. For 
example, it is not usually necessary to scan all traffic coming from your inside 
network because it is coming from a trusted source. By refining the service 
policies so that the CSC SSM scans only traffic from untrusted sources, you can 
achieve your security goals and maximize performance of the adaptive security 
appliance and the CSC SSM. 

To create a global service policy that identifies traffic to be scanned, perform the 
following steps: 

In the main ASDM window, click the Configuration tab. 

Click Security Policies, and then click the Service Policy Rules radio button. 

Click Add. 

The Add Service Policy Rule appears. 

In the Service Policy page, click the Global - applies to all interfaces radio 
button.