60-8
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter60 Configuring the ASA CSC Module
Configuring the CSC SSM
If you manually control time settings, verify the clock settings, including time zone. Choose
Configuration> Properties > Device Administration > Clock.
If you are using NTP, verify the NTP configuration. Choose Configuration> Properties > Device
Administration > NTP.
Step6 Open ASDM.
Step7 Connect to and log in to the CSC SSM. For instructions, see the “Connecting to the CSC SSM” section
on page 60-8.
Step8 Configure service policies to divert traffic that you want scanned to the CSC SSM. For instructions, see
the “Diverting Traffic to the CSC SSM” section on page60-10.
Step9 Run the CSC Setup Wizard.
To access the CSC Setup Wizard, choose Configuration> Trend Micro Content Security > CSC
Setup > Wizard Setup > Launch Setup Wizard.
If you are rerunning the CSC Setup Wizard, perform the same step listed in the previous bullet.
The CSC Setup Wizard appears.
Step10 Complete the CSC Setup Wizard.
Note If you create a global service policy to divert traffic for CSC scans, all traffic (inbound and
outbound) for the supported protocols is scanned. To maximize performance of the ASA and the
CSC SSM, scan traffic only from untrusted sources.
Step11 To reduce the load on the CSC SSM, configure the service policy rules that send packets to the CSC SSM
to support only HTTP/HTTPS, SMTP, POP3, or FTP traffic.
Step12 (Optional) Review the default content security policies in the CSC SSM GUI, which are suitable for most
implementations. You review the content security policies by viewing the enabled features in the CSC
SSM GUI. For the availability of features, see the “Licensing Requirements for the CSC SSM” section
on page 60-5. For the default settings, see the “Default Settings” section on page60-6.
What to Do Next
See the “Connecting to the CSC SSM” section on page60-8.
Connecting to the CSC SSM
With each session you start in ASDM, the first time you access features related to the CSC SSM, you
must specify the management IP address and provide the password for the CSC SSM. After you
successfully connect to the CSC SSM, you are not prompted again for the management IP address and
password. If you start a new ASDM session, the connection to the CSC SSM is reset and you must
specify the IP address and the CSC SSM password again. The connection to the CSC SSM is also reset
if you change the time zone on the ASA.
Note The CSC SSM has a password that is maintained separately from the ASDM password. You can
configure the two passwords to be identical, but changing the CSC SSM password does not affect the
ASDM password.