There are two options for running ASDM. When first accessing ASDM via a
browser, the administrator is presented with the screen in Figure
. The
administrator can choose to download the ASDM application to a PC and run it
locally, or run ASDM as a Java Applet in a browser. With the local ASDM
application option, the administrator can invoke ASDM from a desktop shortcut,
no browser is required. Local installation support is only provided for Windows
platforms. The other option is to run ASDM as a Java Applet in a browser.
Once the Java Applet choice is selected, a Java Applet is loaded to the PC
from the PIX Security Appliance.
The ASDM Home Window
The ASDM Home window enables the
administrator to view important information about the PIX Security Appliance,
such as the status of the interfaces, the version running, licensing
information, and performance
. Many of
the details available on the ASDM Home window are available elsewhere in ASDM,
but the Home window provides a useful and quick way to see how the Security
appliance is running. All information on the Home window is updated every ten
seconds, except for the Device Information. The administrator can access the
Home window any time by clicking the Home button on the main toolbar.
The
following sections are included in the ASDM Home window:
- Menu bar – Provides quick access to files, tools, options, wizards, and
help.
- Main toolbar – Provides quick access to the Home window, configuration
windows, ASDM monitoring, search, and context-sensitive help. The administrator
can also save the running configuration to Flash memory by clicking the
Save button, or reload the running configuration from Flash by clicking
the Refresh button.
- Device Information group box – Displays PIX Security Appliance information
in two tabs, general and license tabs. The general tab displays PIX Security
Appliance hardware and software information. The license tab displays the level
of support for licensed features on a PIX Security Appliance.
- VPN Status group box – Displays the status of VPN tunnels, if they are
configured.
- System Resources Status group box – Displays CPU and memory usage.
- Interface Status group box – Displays the interface, IP address and mask,
and link status.
- Traffic Status group box – Displays the number of TCP and UDP connections
that occur each second. Their sum is displayed as the total number of
connections. The name Interface Traffic Usage area displays the traffic going
through the named interface in kilobits per second.
- Last 10 ASDM Syslog Messages group box – Displays the last ten system
messages generated by the PIX Security Appliance.
The ASDM Configuration Window
ASDM configuration feature
list consists of nine icons, which enable the administrator to configure
various aspects of the product
. ASDM
configuration feature enables the administrator to configure interfaces, a
security policy, routing, NAT, VPN, device administration features, IPS, and
miscellaneous properties. The administrator can also configure building blocks,
including host and network identification and application inspection maps, to
simplify your configuration tasks. Some features might not be available for a
particular PIX Security Appliance depending on the firewall mode and context.
The list of available configuration feature icons is as follows:
-
Interface – The Interfaces window displays configured interfaces and
sub-interfaces. The administrator can add or delete sub-interfaces, and also
enable communication between interfaces on the same security level.
-
Security Policy – The administrator can add and delete access rules,
AAA rules, filter rules, and service policy rules.
-
NAT – The administrator can add, delete, and modify translation and
translation exemption rules.
-
VPN – The administrator can create and modify site-to-site and
remote access VPNs.
-
Routing – The administrator can configure static routes, passive
RIP, OSPF, IGMP and PIM.
-
Building Blocks – The administrator can configure IP address to host
name conversion, inspection maps, and time ranges
-
Device Administration – The administrator can set basic
administration parameters for the PIX Security Appliance. They also can
configure and administer certificates.
-
Properties – The administrator can customize your PIX Security
Appliance by configuring failover, logging, the static ARP table, and many
other features.
Further exploration of the ASDM will be conducted through the lab
activities included in this course.