Cisco Systems and the ASA Services Module Manual De Usuario

In the outside-policy, outside-class matches SMTP traffic from any outside source to the DMZ network. 
This setting protects the SMTP server and inside users who download e-mail from the SMTP server on 
the DMZ network, without having to scan connections from SMTP clients to the server.

If the web server on the DMZ network receives files uploaded by HTTP from external hosts, you can add 
a rule to the outside policy that matches HTTP traffic from any source to the DMZ network. Because the 
policy is applied to the outside interface, the rule would only match connections from HTTP clients 
outside the ASA.

The CSC SSM has the following prerequisites:

A CSC SSM card must be installed in the ASA.

A Product Authorization Key (PAK) for use in registering the CSC SSM.

Activation keys that you receive by e-mail after you register the CSC SSM.

The management port of the CSC SSM must be connected to your network to allow management 
and automatic updates of the CSC SSM software.

The CSC SSM management port IP address must be accessible by the hosts used to run ASDM. 

You must obtain the following information to use in configuring the CSC SSM:

The CSC SSM management port IP address, netmask, and gateway IP address.

DNS server IP address.

HTTP proxy server IP address (needed only if your security policies require the use of a proxy 
server for HTTP access to the Internet).

ASA 5510

Base License—Supports SMTP virus scanning, POP3 virus scanning and content filtering, web 
mail virus scanning, HTTP file blocking, FTP virus scanning and file blocking, logging, and 
automatic updates. Supports two contexts.

Security Plus License—Supports the Base license features, plus SMTP anti-spam, SMTP content 
filtering, POP3 anti-spam, URL blocking, and URL filtering. Supports two contexts. 

ASA 5520

Base License—Supports all features. Supports two contexts.

 ASA 5540

Base License—Supports all features. Supports two contexts.

All other models

No support.