Cisco Systems ASA 5500 manual Getting Started with the CSC SSM, 19-7

Chapter 19 Managing the AIP SSM and CSC SSM

Managing the CSC SSM

CSC SSM cannot suport stateful failover, because the CSC SSM does not maintain connection information and therefore cannot provide the failover unit with information necessary for stateful failover. The connections that a CSC SSM is scanning are dropped upon failure of the security appliance that the CSC SSM is installed in. When the standby adaptive security appliance becomes active, it will forward the scanned traffic to its CSC SSM and the connections will be reset.

Getting Started with the CSC SSM

Before you receive the security benefits provided by a CSC SSM, you must perform several steps beyond simple hardware installation of the SSM. This procedure provides an overview of those steps.

To configure the adaptive security appliance and the CSC SSM, follow these steps:

Step 1 If the CSC SSM did not come pre-installed in a Cisco ASA 5500 series adaptive security appliance, install it and connect a network cable to the management port of the SSM. For assistance with installation and connecting the SSM, see the Cisco ASA 5500 Series Hardware Installation Guide.

The management port of the CSC SSM must be connected to your network to allow management of and automatic updates to the CSC SSM software. Additionally, the CSC SSM uses the management port for email notifications and syslogging.

Step 2 With the CSC SSM, you should have received a Product Authorization Key (PAK). Use the PAK to register the CSC SSM at the following URL.

http://www.cisco.com/go/license

After you register, you will receive activation keys by email. The activation keys are required before you can complete Step 6

Step 3 Gather the following information, for use in Step 6.

•Activation keys, received after completing Step 2.

•SSM management port IP address, netmask, and gateway IP address.

Cisco Security Appliance Command Line Configuration Guide