Filtering sub-categories on Interscan for CSC SSM

Does anyone no how to identify what URL's are classified as a part of each sub-category? Is there a published list somewhere that I can tell which sites are part of certain categories?
Thanks,
Larry

Try this link:
http://www.cisco.com/univercd/cc/td/doc/product/multisec/modules/cscssm/cscssm61/csc61adm/

Similar Messages

License violation has been detected on the InterScan for CSC SSM

We are receiving this everyday at 1 AM, but there is no traffic on the network at this time. What can I do on the ASA or CSC to find out where and what this traffic is?
There are currently 559 active nodes while you only have 500 seats of license. 59 more seats of license is required.

This issue has confused us for a while too… Here’s the deal:
Even after the license violation the traffic for all the users will be scanned by the module. Despite the error message that you are seeing, the CSC will not drop connections due strictly to license violations. It is only a warning at this point.
With a high number of nodes, it is likely that you will overwhelm the CSC processing capacity. If the users are overly aggressive in their connections, they can easily max out the capacity.
Here's a high level link:
http://www.cisco.com/en/US/customer/products/ps6120/products_white_paper0900aecd805c3cd6.shtml
Can you increase the license? It only goes up to 1,000.
How can you tell what the count is? Use the following command from the ASA CLI:
show csc node-count yesterday
Here's the link:
http://www.cisco.com/en/US/docs/security/asa/asa72/command/reference/s2_72.html#wp1186101
Hope this helps!

InterScan for CSC SSM Notification

I have received this message from my ASA5500 with SSM module:Compact Flash storage is nearly out of space
After that I have received other one with the message: Scan services have recovered from a previous failure. The SSM system is now back to normal.
I think the SSM module hasa Flash with a 1GB, someone knows it is normal or something is wrong??

We opened a TAC case for this. And we received the following response...The error your getting is a known cosmetic error. It will not affect anything. There is currently no work around at the moment. This is normal, there is a built in mechanism that automatically cleans up the flash."

Which part number for CSC-SSM with Plus license?

Dear All,
Which part number for CSC-SSM with Plus License? i saw the part number for standard license.
could you let me know?
Best regards,

Hi,
The part number is the following:
ASA-CSCX-YP-ZY
where X is your CSC model, Y is the number of seats of the license and Z is the number of years.
For instance, if you need a 2 year plus license for a CSC10 with 250 seats, the part number would be ASA-CSC10-250P-2Y
Regards,
Nicolas

ASA 5520 : IP address for CSC SSM

Hi All,
I have an ASA 5520 with CSC SSM. I have base and plus license and want to activate it. T he IP address and gateway have to be configured on the CSC SSM. I have configured IP addresses for the INSIDE,OUTSIDE,DMZ and MGMT. The outside is a public IP address. Now for the CSC SSM what range should i give?
There is an ISA server on the DMZ where all user IP's get PATed and on ASA this gets NATed on the ASA. Direct access to the internet exists for the servers (bypassing proxy).
My basic doubt is about the IP address and gateway that the CSC SSM should have and is it related ot the management interface ip address?
Thanks and Regards.
Sonu

Hi
put your CSC ip address as outside interface subnet.because CSC needs automatic updates from internet.and you can able to manage CSC from remote itself.
for EX
your outside ip is 10.0.0.1/24,make CSC IP As 10.0.0.2/24,Gateway 10.0.0.1
Hopes this helps
regs
S.Mohana sundaram

Trend Micro updates for CSC SSM

Any word on if or when patch would be available for 6.3.1172 ? My ASA has only 256kb memory, and I believe it would require a memory upgrade for any further software upgrades.

The mail and TMCM agent service is always stopped. Access to CSC-SSM via web browser is not possible, nothing happens, and ASDM is not communicating with CSC. I restarted management access port, without success. Restore to Factory settings is not possible. I get this error message:
Restoring default settings: /opt/trend/isvw/bin/setup.bin: line 2861: /opt/trend/isvw/lib/mail/rules/UserApprovedList.txt: Read-only file system
/opt/trend/isvw/bin/setup.bin: line 2862: /opt/trend/isvw/lib/mail/rules/UserBlockedList.txt: Read-only file system
cp: unable to remove `/opt/trend/isvw/config/mail/imss.ini': Read-only file system
cp: unable to remove `/opt/trend/isvw/config/mail/imss.ini': Read-only file system
cp: unable to remove `/opt/trend/isvw/config/mail/imss.ini': Read-only file system
cp: unable to remove `/opt/trend/isvw/config/mail/imss.ini': Read-only file system
cp: unable to remove `/opt/trend/isvw/config/mail/imss.ini': Read-only file system
cp: unable to remove `/opt/trend/isvw/config/mail/imss.ini': Read-only file system
cp: unable to remove `/opt/trend/isvw/config/web/intscan.ini': Read-only file system
cp: unable to remove `/opt/trend/isvw/config/mail/imss.ini': Read-only file system
cp: unable to remove `/opt/trend/isvw/config/mail/imss.ini': Read-only file system
cp: unable to remove `/opt/trend/isvw/config/mail/imss.ini': Read-only file system
cp: unable to remove `/opt/trend/isvw/config/mail/imss.ini': Read-only file system
cp: unable to remove `/opt/trend/isvw/config/mail/imss.ini': Read-only file system
cp: unable to remove `/opt/trend/isvw/config/mail/imss.ini': Read-only file system
I try to reimage with 6.2 version, maybe this helps.
If you have a clue tell me!
Thank you

Password recovery for CSC-SSM

i have CSC ssm module in my lab. i forgot its username/password and also the ip address of csc module. when i tried to do reimgine the csc module, setup asks for ip address of csc module. is there is any way to recover password without knowing the ip address of CSC module.

This document describes how to recover a password on a Cisco ASA 5500 Series Content Security and Control Security Services Module (CSC-SSM) or the Advanced Inspection and Prevention Security Services Module (AIP-SSM) without having to re-image the device.
http://cisco.com/en/US/partner/products/ps6120/products_password_recovery09186a00807f5a59.shtml

HTTPS Filtering on CSC SSM-10

Hello,
One of our customers has an ASA5510 with CSC SSM-10 security module. The software version of the module is 6.6.1125.0.
Is it possible to do https filtering with this module ? The cutomer is complaining that this is not possible..., They cannot do this.
Please any help or suggestion how to assist them ?
p.s. from Cisco I've read the following:
• HTTPS Filtering
     – Able to allow or block HTTPS traffic.
     – Supports group-based and user-based HTTPS policies.
     – Includes URL blocking/URL exception list support for HTTPS domains.
Thank you and best regards,
Ilir

This should help:
http://www.cisco.com/en/US/docs/security/csc/csc66/administration/guide/csc1.html

How do we create a a main podcast category with sub-categories similar to the way many bands have subcategories and artwork for each of their albums?

How does a content producer create a main category with sub-categories similar to the way many bands have subcategories and artwork for each of their albums?

I think you're talking about an 'Artist Page' in which several podcasts are 'aggregated' into one iTunes Store page? This Apple Tech note deals with the subject (scroll to the bottom of the page):
http://www.apple.com/itunes/podcasts/creatorfaq.html
Although your mention of albums makes me wonder whether there you are talking about albums and songs in the music Library? - podcasts don't come in albums.
You've also asked this in another forum:
I have created a feed for our podcasts, but they are all under one umbrella. We would like to have subcategories under one main category.
'A feed for your podcasts' doesn't make sense - a podcast has one feed (and vice versa). Are you confusing 'episodes' with 'podcasts'? A podcast is a collection of episodes - you can't categorize the episodes separately. The category shows only on the Store page and applies to the entire podcast. The 'Artist' page may again be what you are aiming for - if not perhaps you could post an example of what someone else is doing that you would like to.

Simple question about CSC-SSM

Hi,
I must block a HTTPS website using CSC-SSM on a ASA 5520 but it looks like it won't block HTTPS traffic at all so I've been searching around and I found that "Traffic that moves through HTTPS cannot be scanned for viruses and other threats by the CSC-SSM software.".
Anyone has sucessfully blocked HTTPS traffic using CSC-SSM?
Which other blocking methods would you recommend? ASA's URL filtering?
Thanks in advice.
Guilherme

hi Guilherme
the idea with https it is a secured http with sslor tls which is the same idea with vpn/IPSEC where the traffic is tunnled and cannot be inspected before get devrypted
which wshould be the same with all vendors
if u can inspect the https and scan it then it is not secure enough !! right :)
good luck
if helpful Rate

Why does the iPad AppStore not show sub categories ?

I always search around on my iPhone and come across a new app but on the iPad you can only see featured apps, is there a reason why it is like this, why we can't browse apps like on the iPhone.

Dude why do you have to be a nub? You know what he means. Don't suggest using your computer to search. That is ignorant. The whole point in getting a iPad is to replace using a computer for easy day to day usage. Especially in this case. Searching the iPad app store is a joke. I been messing around with this thing for a hour trying to do stuff that takes seconds on my iPhone. There is they key statement. iPhone! Can you say iPhone? The iPhone has a superior search function to the iPad. There is absolutely positively no reason get go sit at my computer to search apps when I can do everything I want from the comfort of my bed on my iPhone at night. So apple got it right on the iPhone but dropped the ball on the iPad app store. Sure I can search from my iPhone but I want to search iPad specific apps in the RPG games category. Is that to much to ask? The iPhone already does it so don't say goto your computer. I have bought a ton of games I didn't even know I wanted by searching sub categories on my iPhone. I'd like to think this was a oversight that will be fixed but looking at older post it seems this has been the case for awhile, so it leads me to believe there is some evil pay apple to get yours apps featured thing going on.

Creating a table based on Category and Sub-Categories

Hi
I am building an extensive home budget. I have 3 tables showing, monthly, quarterly and annual costs. These tables contain Categories and Sub-Categories. I have created a table and chart to show the percentage of the total costs for each Category. For the two Categories with the largest percentage of the total cost I would like to create a table (and chart, no problem, based on my first template) showing the breakdown of the Sub-Categories. However this information is to be retrieved from 3 tables, and I was hoping to create the table automatically. If not I must individually go to each different table and find the relevant Sub-Category and manually input the text and link the cell for the value to my new table. This gives room for error in my opinion and is a nuisance as my budget file now contains about 8 sheets so even on 27" iMac requires a considerable amount of scrolling around.
Am I expecting too much of Numbers or missing something totally? I do not have much experience of spreadsheets, just basic tables and calculations in Excel before coming over from the Dark Side!
Many thanks for any advice
Shirley

Hi Barry
Many thanks for your reply and apologies for my delay in responding.
Hope I am doing this photo embedding correctly via Flikr:
Page 1
I apologise also for my incorrect terminology - please bear with me on this, unfortunately I never used Excel much so terminology is pretty much my own . I believe that I have one sheet, which then changes into different numbers of pages depending on the page size I set, so with these examples 4 pages. 14 tables and one chart at this time
The tables on the second screenshot were the only way I could figure out how to retrieve the data for the final table and chart (% Total Monthly Expenses)
Now what I want to do is for each (or in fact the three largest) budget categories is to give a breakdown of what in that category is, percentage wise, costing the most. Preferably, I want to get this breakdown category information automatically so that human error is ruled out (that I cannot overlook an entry in the any of the tables in my first example). Perhaps I am asking too much, but I thought it was worth asking!
Again many thanks for responding and for your help with this
regards
Shirley

Can't Send or Receive Email from Exchange behind ASA 5510 with CSC SSM

We are upgrading from a Pix 515e to a ASA 5510 with CSC SSM. We cannot send outbound email or receive any email from the outside world. I have placed a call with Cisco Support with no luck. Here is a copy of my config: Any Help would be appreciated.
show config
: Saved
: Written by enable_15 at 07:17:44.760 CST Wed Jan 18 2012
ASA Version 8.4(3)
names
interface Ethernet0/0
nameif outside
security-level 0
ip address 216.XXX.XXX.XXX 255.XXX.XXX.XXX
interface Ethernet0/1
nameif inside
security-level 100
ip address 192.168.0.5 255.255.255.0
interface Ethernet0/2
shutdown
no nameif
no security-level
<--- More --->
no ip address
interface Ethernet0/3
shutdown
no nameif
no security-level
no ip address
interface Management0/0
shutdown
nameif management
security-level 100
no ip address
management-only
boot system disk0:/asa843-k8.bin
ftp mode passive
clock timezone CST -6
clock summer-time CDT recurring
object network obj-192.168.5.0
subnet 192.168.5.0 255.255.255.0
object network obj-192.168.0.0
subnet 192.168.0.0 255.255.255.0
<--- More --->
object network obj-192.168.9.2
host 192.168.9.2
object network obj-192.168.1.65
host 192.168.1.65
object network obj-192.168.1.0
subnet 192.168.1.0 255.255.255.0
object network obj-192.168.2.0
subnet 192.168.2.0 255.255.255.0
object network obj-192.168.3.0
subnet 192.168.3.0 255.255.255.0
object network obj-192.168.6.0
subnet 192.168.6.0 255.255.255.0
object network obj-192.168.8.0
subnet 192.168.8.0 255.255.255.0
object-group service DM_INLINE_TCP_1 tcp
port-object eq ftp
port-object eq www
port-object eq pop3
port-object eq smtp
object-group network Red-Condor
description Email Filtering
network-object host 66.234.112.69
network-object host 66.234.112.89
object-group service NetLink tcp
<--- More --->
port-object eq 36001
object-group network AECSouth
network-object 192.168.11.0 255.255.255.0
object-group service Email_Filter tcp-udp
port-object eq 389
object-group protocol TCPUDP
protocol-object udp
protocol-object tcp
object-group service DM_INLINE_TCP_0 tcp
group-object Email_Filter
port-object eq pop3
port-object eq smtp
object-group network Exchange-Server
description Exchange Server
network-object host 192.168.1.65
access-list global_mpc extended permit tcp any any object-group DM_INLINE_TCP_1
access-list outside_access extended permit tcp any object obj-192.168.9.2
access-list outside_access extended permit icmp any any
access-list outside_access extended permit tcp any object-group Exchange-Server eq https
access-list outside_access extended permit tcp object-group Red-Condor object-group Exchange-Server eq smtp
access-list outside_access extended permit tcp object-group Red-Condor object-group Exchange-Server eq pop3
access-list outside_access extended permit object-group TCPUDP object-group Red-Condor object-group Exchange-Server object-group Email_Filter
access-list inside_access_in extended permit ip any any
access-list inside_access_in extended permit icmp any any
<--- More --->
pager lines 24
logging enable
logging console debugging
logging asdm informational
mtu outside 1500
mtu inside 1500
mtu management 1500
ip local pool vpnpool 192.168.5.1-192.168.5.254 mask 255.255.255.0
icmp unreachable rate-limit 1 burst-size 1
icmp permit any outside
icmp permit any inside
asdm image disk0:/asdm-647.bin
no asdm history enable
arp timeout 14400
object network obj-192.168.9.2
nat (inside,outside) static 216.XXX.XXX.XXX no-proxy-arp
object network obj-192.168.1.65
nat (inside,outside) static 216.XXX.XXX.XXX no-proxy-arp
object network obj-192.168.1.0
nat (inside,outside) dynamic interface
object network obj-192.168.2.0
nat (inside,outside) dynamic interface
object network obj-192.168.3.0
<--- More --->
nat (inside,outside) dynamic interface
object network obj-192.168.6.0
nat (inside,outside) dynamic interface
object network obj-192.168.8.0
nat (inside,outside) dynamic interface
access-group outside_access in interface outside
access-group inside_access_in in interface inside
route outside 0.0.0.0 0.0.0.0 216.XXX.XXX.XXX 1
route inside 192.168.0.0 255.255.0.0 192.168.0.1 1
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
aaa-server isaconn protocol radius
aaa-server isaconn (inside) host 192.168.1.9
timeout 5
key XXXXXXX
user-identity default-domain LOCAL
aaa authentication ssh console LOCAL
<--- More --->
http server enable
http 192.168.0.0 255.255.0.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec ikev1 transform-set AEC esp-des esp-md5-hmac
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group1
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_map interface outside
crypto ca trustpoint _SmartCallHome_ServerCA
crl configure
crypto ca server
shutdown
<--- More --->
smtp from-address [email protected]
crypto ca certificate chain _SmartCallHome_ServerCA
certificate
quit
crypto ikev1 enable outside
crypto ikev1 policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
telnet 192.168.0.0 255.255.0.0 inside
telnet timeout 5
ssh 192.168.0.0 255.255.0.0 inside
ssh timeout 5
console timeout 0
management-access inside
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
ntp server 208.66.175.36 source outside prefer
webvpn
username cisco password 3USUcOPFUiMCO4Jk encrypted privilege 15
<--- More --->
class-map global-class
match access-list global_mpc
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
<--- More --->
inspect netbios
inspect tftp
inspect ip-options
class global-class
csc fail-close
service-policy global_policy global
prompt hostname context
call-home reporting anonymous

Hello Scott,
So Exchange server ip is obj-192.168.1.65 natted to 216.x.x.x
object network obj-192.168.1.65
"nat (inside,outside) static 216.XXX.XXX.XXX no-proxy-arp"
The ACL says
access-list outside_access extended permit tcp object-group Red-Condor object-group Exchange-Server eq smtp
access-list outside_access extended permit tcp object-group Red-Condor object-group Exchange-Server eq pop3
From witch ip addresses are you trying to send traffic to the exchange server?
Please do a packet-tracer and give us the output
packet-tracer input outside tcp x.x.x.x( Outside host ip) 1025 216.x.x.x.x 25
Regards,
Julio
Rate helpful posts!!!

How can I search sub categories in iBooks?

Okay, after generally loving apple products, this one has me raging mad. When I search iBooks, there is a drop down list of categories and authors.
But sub categories -- as found in any normal bookstore -- are nowhere to be found.
For example, searching "Ferrari" will drop down a variety of books, two of which are in the Transportation category. But, Transportation is not listed in any of the categories in the basic iBooks menu.
Words such as "history", "science and technology" cover a LOT of ground, and there MUST be better navigation to zero in on topics of interest.
So, how can I find a list of sub-categories so I can spend my iTunes wealth?

Sadly I don't think you can. I have a number of books published in the Games and Card Games category (as identified by BISAC code) but Apple don't have a Games category either. However in the iTunes Store (not iBooks) if I search for 'Games' and then select the 'Books' Media Type filter I can find the books in the results. Perhaps the same ill happen if you try with 'transportation'. Now that books are searchable directly from the iTunes store I find it much easier to search there rather than on my iPad.

ASA5510-SEC with CSC-SSM and Plus lic

I have setup the ASA5510-SEC with the CSC-SSM and it is working great. What I need is to be able to provide, for the client, reports of how much time particular users spend on the Internet, where they go on the Internet etc. Do I need more product to do this reporting? Would also like to have email reports
Thanks,

I would recommend posting in netpro for this. This community doesn't work with the ASA series.
www.cisco.com/go/netpro

Filtering sub-categories on Interscan for CSC SSM

Similar Messages

Maybe you are looking for