Configuring the ASA IPS module is a process that includes configuration of the IPS security policy on
the ASA IPS module and then configuration of the ASA to send traffic to the ASA IPS module. To
configure the ASA IPS module, perform the following steps:

Step 1

Cable the ASA IPS management interface. See the

“Connecting the ASA IPS Management Interface”

section on page 31-8

Step 2

Session to the module. Access the IPS CLI over the backplane.See the

“Sessioning to the Module from

the ASA” section on page 31-11

Step 3

(ASA 5512-X through ASA 5555-X; may be required) Install the software module. See the

“(ASA

5512-X through ASA 5555-X) Booting the Software Module” section on page 31-11

Step 4

Depending on your ASA model:

•

(ASA 5510 and higher) Configure basic network settings for the IPS module. See the

“(ASA 5510

and Higher) Configuring Basic Network Settings” section on page 31-13

•

(ASA 5505) Configure the management VLAN and IP address for the IPS module. See the

“(ASA

5505) Configuring Basic Network Settings” section on page 31-13

Step 5

On the module, configure the inspection and protection policy, which determines how to inspect traffic
and what to do when an intrusion is detected. See the

“Configuring the Security Policy on the ASA IPS

Module” section on page 31-15

Step 6

(ASA 5510 and higher, optional) On the ASA in multiple context mode, specify which IPS virtual
sensors are available for each context (if you configured virtual sensors). See the

“Assigning Virtual

Sensors to a Security Context (ASA 5510 and Higher)” section on page 31-16

Step 7

On the ASA, identify traffic to divert to the ASA IPS module. See the

“Diverting Traffic to the ASA IPS

module” section on page 31-18