Manage a PIX Security Appliance with Adaptive Security Device Manager
Using ASDM to configure the PIX Security Appliance

There are two options for running ASDM. When first accessing ASDM via a browser, the administrator is presented with the screen in Figure . The administrator can choose to download the ASDM application to a PC and run it locally, or run ASDM as a Java Applet in a browser. With the local ASDM application option, the administrator can invoke ASDM from a desktop shortcut, no browser is required. Local installation support is only provided for Windows platforms. The other option is to run ASDM as a Java Applet in a browser.

Once the Java Applet choice is selected, a Java Applet is loaded to the PC from the PIX Security Appliance.

The ASDM Home Window
The ASDM Home window enables the administrator to view important information about the PIX Security Appliance, such as the status of the interfaces, the version running, licensing information, and performance . Many of the details available on the ASDM Home window are available elsewhere in ASDM, but the Home window provides a useful and quick way to see how the Security appliance is running. All information on the Home window is updated every ten seconds, except for the Device Information. The administrator can access the Home window any time by clicking the Home button on the main toolbar.

The following sections are included in the ASDM Home window:

  • Menu bar – Provides quick access to files, tools, options, wizards, and help.
  • Main toolbar – Provides quick access to the Home window, configuration windows, ASDM monitoring, search, and context-sensitive help. The administrator can also save the running configuration to Flash memory by clicking the Save button, or reload the running configuration from Flash by clicking the Refresh button.
  • Device Information group box – Displays PIX Security Appliance information in two tabs, general and license tabs. The general tab displays PIX Security Appliance hardware and software information. The license tab displays the level of support for licensed features on a PIX Security Appliance.
  • VPN Status group box – Displays the status of VPN tunnels, if they are configured.
  • System Resources Status group box – Displays CPU and memory usage.
  • Interface Status group box – Displays the interface, IP address and mask, and link status.
  • Traffic Status group box – Displays the number of TCP and UDP connections that occur each second. Their sum is displayed as the total number of connections. The name Interface Traffic Usage area displays the traffic going through the named interface in kilobits per second.
  • Last 10 ASDM Syslog Messages group box – Displays the last ten system messages generated by the PIX Security Appliance.

The ASDM Configuration Window
ASDM configuration feature list consists of nine icons, which enable the administrator to configure various aspects of the product . ASDM configuration feature enables the administrator to configure interfaces, a security policy, routing, NAT, VPN, device administration features, IPS, and miscellaneous properties. The administrator can also configure building blocks, including host and network identification and application inspection maps, to simplify your configuration tasks. Some features might not be available for a particular PIX Security Appliance depending on the firewall mode and context.

The list of available configuration feature icons is as follows:

  • Interface – The Interfaces window displays configured interfaces and sub-interfaces. The administrator can add or delete sub-interfaces, and also enable communication between interfaces on the same security level.
  • Security Policy – The administrator can add and delete access rules, AAA rules, filter rules, and service policy rules.
  • NAT – The administrator can add, delete, and modify translation and translation exemption rules.
  • VPN – The administrator can create and modify site-to-site and remote access VPNs.
  • Routing – The administrator can configure static routes, passive RIP, OSPF, IGMP and PIM.
  • Building Blocks – The administrator can configure IP address to host name conversion, inspection maps, and time ranges
  • Device Administration – The administrator can set basic administration parameters for the PIX Security Appliance. They also can configure and administer certificates.
  • Properties – The administrator can customize your PIX Security Appliance by configuring failover, logging, the static ARP table, and many other features.

Further exploration of the ASDM will be conducted through the lab activities included in this course.