Cisco Systems ASA5515K9, ASA 5500 Connecting to the CSC SSM

60-8

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter60 Configuring the ASA CSC Module

Configuring the CSC SSM

•If you manually control time settings, verify the clock settings, including time zone. Choose

Configuration> Properties > Device Administration > Clock.

•If you are using NTP, verify the NTP configuration. Choose Configuration> Properties > Device

Administration > NTP.

Step6 Open ASDM.

Step7 Connect to and log in to the CSC SSM. For instructions, see the “Connecting to the CSC SSM” section

on page 60-8.

Step8 Configure service policies to divert traffic that you want scanned to the CSC SSM. For instructions, see

the “Diverting Traffic to the CSC SSM” section on page60-10.

Step9 Run the CSC Setup Wizard.

•To access the CSC Setup Wizard, choose Configuration> Trend Micro Content Security > CSC

Setup > Wizard Setup > Launch Setup Wizard.

•If you are rerunning the CSC Setup Wizard, perform the same step listed in the previous bullet.

The CSC Setup Wizard appears.

Step10 Complete the CSC Setup Wizard.

Note If you create a global service policy to divert traffic for CSC scans, all traffic (inbound and

outbound) for the supported protocols is scanned. To maximize performance of the ASA and the

CSC SSM, scan traffic only from untrusted sources.

Step11 To reduce the load on the CSC SSM, configure the service policy rules that send packets to the CSC SSM

to support only HTTP/HTTPS, SMTP, POP3, or FTP traffic.

Step12 (Optional) Review the default content security policies in the CSC SSM GUI, which are suitable for most

implementations. You review the content security policies by viewing the enabled features in the CSC

SSM GUI. For the availability of features, see the “Licensing Requirements for the CSC SSM” section

on page 60-5. For the default settings, see the “Default Settings” section on page60-6.

What to Do Next

See the “Connecting to the CSC SSM” section on page60-8.

Connecting to the CSC SSM

With each session you start in ASDM, the first time you access features related to the CSC SSM, you

must specify the management IP address and provide the password for the CSC SSM. After you

successfully connect to the CSC SSM, you are not prompted again for the management IP address and

password. If you start a new ASDM session, the connection to the CSC SSM is reset and you must

specify the IP address and the CSC SSM password again. The connection to the CSC SSM is also reset

if you change the time zone on the ASA.

Note The CSC SSM has a password that is maintained separately from the ASDM password. You can

configure the two passwords to be identical, but changing the CSC SSM password does not affect the

ASDM password.