CHAPT ER
60-1
Cisco ASA 5500 Series Configuration Guide using the CLI
60
Configuring the ASA CSC Module
This chapter describes how to configure the Content Security and Control (CSC) application that is
installed in a CSC SSM in the ASA.
This chapter includes the following sections:
Information About the CSC SSM, page 60-1
Licensing Requirements for the CSC SSM, page 60-5
Prerequisites for the CSC SSM, page 60-5
Guidelines and Limitations, page60-6
Default Settings, page60-6
Configuring the CSC SSM, page60-7
Monitoring the CSC SSM, page 60-13
Troubleshooting the CSC Module, page 60-14
Configuration Examples for the CSC SSM, page60-16
Where to Go Next, page60-18
Additional References, page60-18
Feature History for the CSC SSM, page60-18

Information About the CSC SSM

Some ASA models support the CSC SSM, which runs Content Security and Control software. The CSC
SSM provides protection against viruses, spyware, spam, and other unwanted traffic by scanning the
FTP, HTTP/HTTPS, POP3, and SMTP packets that you configure the ASA to send to it.
For more information about the CSC SSM, see the following URL:
http://www.cisco.com/en/US/products/ps6823/index.html
Figure 60-1 shows the flow of traffic through an ASA that has the following:
A CSC SSM installed and configured.
A service policy that determines what traffic is diverted to the CSC SSM for scanning.
In this example, the client could be a network user who is accessing a website, downloading files from
an FTP server, or retrieving mail from a POP3 server. SMTP scans differ in that you should configure
the ASA to scan traffic sent from the outside to SMTP servers protected by the ASA.