Chapter 19 Managing the AIP SSM and CSC SSM

Managing the AIP SSM

hostname(config-cmap)# match access-list IPS hostname(config-cmap)# policy-mapmy-ids-policyhostname(config-pmap)# class my-ips-classhostname(config-pmap-c)# ips promiscuous fail-closehostname(config-pmap-c)# service-policymy-ips-policy global

Sessioning to the AIP SSM and Running Setup

After you have completed configuration of the ASA 5500 series adaptive security appliance to divert traffic to the AIP SSM, session to the AIP SSM and run the setup utility for initial configuration.

Note You can either session to the SSM from the adaptive security appliance (by using the session 1 command) or you can connect directly to the SSM using SSH or Telnet on its management interface. Alternatively, you can use ASDM.

To session to the AIP SSM from the adaptive security appliance, perform the following steps:

Step 1 Enter the session 1 command to session from the ASA 5500 series adaptive security appliance to the AIP SSM:

hostname# session 1

Opening command session with slot 1.

Connected to slot 1. Escape character sequence is 'CTRL-^X'.

Step 2 Enter the username and password. The default username and password are both cisco.

Note The first time you log in to the AIP SSM you are prompted to change the default password. Passwords must be at least eight characters long and not a dictionary word.

login: cisco Password:

Last login: Fri Sep 2 06:21:20 from xxx.xxx.xxx.xxx

***NOTICE***

This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. Delivery

of Cisco cryptographic products does not imply third-party authority to import, export, distribute or use encryption. Importers, exporters, distributors and users are responsible for compliance with U.S. and local country laws. By using this product you agree to comply with applicable laws and regulations. If you are unable to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:

http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to export@cisco.com.

***LICENSE NOTICE***

There is no license key installed on the system. Please go to http://www.cisco.com/go/license

to obtain a new license or install a license.

AIP SSM#

Cisco Security Appliance Command Line Configuration Guide

19-4

OL-8629-01

 

 

Page 3 Page 5
Page 4
Image 4
Cisco Systems ASA 5500 manual Sessioning to the AIP SSM and Running Setup, 19-4
Page 3 Page 5

ASA 5500 specifications

Cisco Systems ASA 5500 is a robust security appliance designed to provide advanced network security and protection against both internal and external threats. Ideal for organizations of various sizes, the ASA 5500 series offers a wide range of features that combine firewall capabilities with intrusion prevention, VPN support, and application control, among others.

One of the key features of the ASA 5500 is its stateful firewall technology. This allows the device to monitor active connections and enforce security policies based on the state of the traffic. By maintaining the context of network sessions, the firewall can make informed decisions on whether to allow or deny traffic based on established rules.

In addition to traditional firewall functionalities, the ASA 5500 series integrates advanced intrusion prevention capabilities. By analyzing traffic patterns and identifying known threats, the IPS functionality helps organizations defend against a variety of malicious activities, such as DDoS attacks, malware, and unauthorized access attempts. The ASA 5500 continuously updates its threat intelligence through Cisco's global threat database, enhancing its ability to detect emerging threats in real-time.

Virtual Private Network (VPN) support is another significant aspect of the ASA 5500 series. The device offers secure, encrypted connections for remote users and branch offices, ensuring safe access to corporate resources over the Internet. It supports both IPsec and SSL VPN protocols, allowing organizations to choose the best option for their specific needs. This capability is crucial for businesses that require a secure environment for remote work.

The ASA 5500 series also features extensive application control and visibility tools. These tools enable organizations to manage and control the applications running on their network, ensuring that only authorized applications can communicate through the firewall. This level of control helps to mitigate risks associated with unauthorized applications, which can lead to data breaches or reduced productivity.

Moreover, the ASA 5500 is designed with high availability and scalability in mind. Its clustering support ensures that multiple units can work together to provide redundancy and load balancing, enhancing both performance and reliability. This characteristic is especially important for organizations looking to maintain continuous operation during traffic spikes or hardware failures.

In summary, Cisco Systems ASA 5500 is an all-in-one security solution that combines stateful firewall protection, intrusion prevention, VPN capabilities, and application control. With its robust feature set and focus on security, it is well-suited for organizations seeking to protect their networks from an ever-evolving landscape of cyber threats. Whether for small businesses or large enterprises, the ASA 5500 provides the necessary tools to create a secure networking environment.
Top Page Image Contents