64-9
Cisco ASA 5500 Series Configuration Guide using ASDM
Chapter64 Configuring the ASA CSC Module
Configuring the CSC SSM
To connect to the CSC SSM, perform the following steps:
Step1 In the ASDM main application window, click the Content Security tab.
Step2 In the Connecting to CSC dialog box, click one of the following radio buttons:
To connect to the IP address of the management port on the SSM, click Management IP Address.
ASDM automatically detects the IP address for the SSM in the ASA. If this detection fails, you can
specify the management IP address manually.
To connect to an alternate IP address or hostname on the SSM, click Other IP Address or
Hostname.
Step3 Enter the port number in the Port field, and then click Continue.
Step4 In the CSC Password field, type your CSC password, and then click OK.
Note If you have not completed the CSC Setup Wizard (choose Configuration> Trend Micro
Content Security > CSC Setup > Wizard Setup), complete the configuration in the CSC
Setup Wizard, which includes changing the default password, “cisco.”
For ten minutes after you have entered the password, you do not need to reenter the CSC SSM
password to access other parts of the CSC SSM GUI.
Step5 To access the CSC SSM GUI, choose Configuration> Trend Micro Content Security, and then click
one of the following tabs: Web, Mail, File Transfer, or Updates.
What to Do Next
See the “Determining Service Policy Rule Actions for CSC Scanning” section on page64-9.
Determining Service Policy Rule Actions for CSC Scanning
The CSC SSM scans only HTTP/HTTPS, SMTP, POP3, and FTP traffic. If your service policy includes
traffic that supports other protocols in addition to these four, packets for other protocols are passed
through the CSC SSM without being scanned. You should configure the service policy rules that send
packets to the CSC SSM to support only HTTP/HTTPS, SMTP, POP3, or FTP traffic.
The CSC Scan tab in the Add Service Policy Rule Wizard lets you determine whether or not the CSC
SSM scans traffic identified by the current traffic class. This tab appears only if a CSC SSM is installed
in the ASA.
To configure service policy rules for CSC scanning, perform the following steps:
Step1 In the ASDM main application window, choose Configuration > Firewall > Service Policy Rules.
Step2 On the toolbar, click Add.
The Add Service Policy Rule Wizard screen appears.
Step3 Click the Global - applies to all interfaces option, and then click Next.
The Traffic Classification Criteria screen appears.