Table Of Contents

Using the ASDM User Interface

Information About the ASDM User Interface

Navigating in the ASDM User Interface

Menus

File Menu

View Menu

Tools Menu

Wizards Menu

Window Menu

Help Menu

Toolbar

ASDM Assistant

Status Bar

Connection to Device

Device List

Device Environment Status

Common Buttons

Keyboard Shortcuts

Enabling Extended Screen Reader Support

Organizational Folder

About the Help Window

Header Buttons

Browser Window

Home Pane (Single Mode and Context)

Device Dashboard Tab

Device Information Pane

Interface Status Pane

VPN Sessions Pane

Failover Status Pane

System Resources Status Pane

Traffic Status Pane

Latest ASDM Syslog Messages Pane

Firewall Dashboard Tab

Traffic Overview Pane

Top 10 Access Rules Pane

Top Usage Status Pane

Top Ten Protected Servers Under SYN Attack Pane

Top 200 Hosts Pane

Top Botnet Traffic Filter Hits Pane

Content Security Tab

Intrusion Prevention Tab

Home Pane (System)

Using the ASDM User Interface

---

This chapter describes how to use the ASDM user interface, and includes the following sections:

•Information About the ASDM User Interface

•Navigating in the ASDM User Interface

•Menus

•Toolbar

•ASDM Assistant

•Status Bar

•Device List

•Common Buttons

•Keyboard Shortcuts

•Enabling Extended Screen Reader Support

•Organizational Folder

•About the Help Window

•Home Pane (Single Mode and Context)

•Home Pane (System)

Information About the ASDM User Interface

The ASDM user interface is designed to provide easy access to the many features that the adaptive security appliance supports. The ASDM user interface includes the following elements:

•A menu bar that provides quick access to files, tools, wizards, and help. Many menu items also have keyboard shortcuts.

•A toolbar that enables you to navigate ASDM. From the toolbar you can access the home, configuration, and monitoring panes. You can also get help and navigate between panes.

•A dockable left Navigation pane to move through the Configuration and Monitoring panes. You can click one of the three buttons in the header to maximize or restore this pane, make it a floating pane that you can move, hide it, or close it. To access the Configuration and Monitoring panes, you can do one of the following:

–Click links on the left side of the application window in the left Navigation pane. The Content pane then displays the path (for example, Configuration > Device Setup > Startup Wizard) in the title bar of the selected pane.

–If you know the exact path, you can type it directly into the title bar of the Content pane on the right side of the application window, without clicking any links in the left Navigation pane.

•A maximize and restore button in the right corner of the Content pane that lets you hide and show the left Navigation pane.

•A dockable device list pane with a list of devices that you can access through ASDM. You can click one of the three buttons in the header to maximize or restore this pane, make it a floating pane that you can move, hide it, or close it. For more information, see the "Device List" section.

•A status bar that shows the time, connection status, user, memory status, running configuration status, privilege level, and SSL status at the bottom of the application window.

•A left Navigation pane that shows various objects that you can use in the rules tables when you create access rules, NAT rules, AAA rules, filter rules, and service rules. The tab titles within the pane change according to the feature that you are viewing. In addition, the ASDM Assistant appears in this pane.

Figure 3-1 shows the elements of the ASDM user interface.

Figure 3-1 ASDM User Interface

Legend

GUI Element	Description
1	Menu Bar
2	Search Field
3	Toolbar
4	Navigation Path
5	Device List Pane
6	Left Navigation Pane
7	Content Pane
8	Right Navigation Pane
9	Status Bar

---

Note Tool tips have been added for various parts of the GUI, including Wizards, the Configuration and Monitoring panes, and the Status Bar. To view tool tips, hover your mouse over a specific user interface element, such as an icon in the status bar.

---

Navigating in the ASDM User Interface

To move efficiently throughout the ASDM user interface, you may use a combination of menus, the toolbar, dockable panes, and the left and right Navigation panes, which are described in the previous section. The available functions appear in a list of buttons below the Device List pane. An example list could include the following function buttons:

•Device Setup

•Firewall

•Trend Micro Content Security

•Botnet Traffic Filter

•Remote Access VPN

•Site to Site VPN

•Device Management

The list of function buttons that appears is based on the licensed features that you have purchased. Click each button to access the first pane in the selected function for either the Configuration view or the Monitoring view. The function buttons are not available in the Home view.

To change the display of function buttons, perform the following steps:

---

Step 1 Choose the drop-down list below the last function button to display a context menu.

Step 2 Choose one of the following options:

•To show more buttons, click Show More Buttons.

•To show fewer buttons, click Show Fewer Buttons.

•To add or remove buttons, click Add or Remove Buttons, then click the button to add or remove from the list that appears.

•To change the sequence of the buttons, choose Option to display the Option dialog box, which displays a list of the buttons in their current order. Then choose one of the following:

–To move up a button in the list, click Move Up.

–To move down a button in the list, click Move Down.

–To return the order of the items in the list to the default setting, click Reset.

Step 3 To save your settings and close this dialog box, click OK.

---

Menus

You can access ASDM menus using the mouse or keyboard. For information about accessing the menu bar from the keyboard, see the "Keyboard Shortcuts" section.

ASDM has the following menus:

•File Menu

•View Menu

•Tools Menu

•Wizards Menu

•Window Menu

•Help Menu

File Menu

The File menu lets you manage adaptive security appliance configurations. The following table lists the tasks that you can perform using the File menu.

File Menu Item	Description
Refresh ASDM with the Running Configuration on the Device	Loads a copy of the running configuration into ASDM.
Refresh	Ensures that ASDM has a current copy of the running configuration.
Reset Device to the Factory Default Configuration	Restores the configuration to the factory default. See the "Restoring the Factory Default Configuration" section on page 2-5 for more information.
Show Running Configuration in New Window	Displays the current running configuration in a new window.
Save Running Configuration to Flash	Writes a copy of the running configuration to flash memory.
Save Running Configuration to TFTP Server	Stores a copy of the current running configuration file on a TFTP server. See the "Saving the Running Configuration to a TFTP Server" section on page 76-6 for more information.
Save Running Configuration to Standby Unit	Sends a copy of the running configuration file on the primary unit to the running configuration of a failover standby unit.
Save Internal Log Buffer to Flash	Saves the internal log buffer to flash memory.
Print	Prints the current page. We recommend landscape page orientation when you print rules. When you use Internet Explorer, permission to print was already granted when you originally accepted the signed applet.
Clear ASDM Cache	Removes local ASDM images. ASDM downloads images locally when you connect to ASDM.
Clear ASDM Password Cache	Removes the password cache if you have defined a new password and still have a existing password that is different than the new password.
Clear Internal Log Buffer	Empties the syslog message buffer.
Exit	Closes ASDM.

View Menu

The View menu lets you display various parts of the ASDM user interface. Certain items are dependent on the current view. You cannot select items that cannot be displayed in the current view. The following table lists the tasks that you can perform using the View menu.

View Menu Item	Description
Home	Displays the Home view.
Configuration	Displays the Configuration view.
Monitoring	Displays the Monitoring view.
Device List	Display a list of devices in a dockable pane. See the "Device List" section for more information.
Navigation	Shows and hides the display of the Navigation pane in the Configuration and Monitoring views.
ASDM Assistant	Searches and finds useful ASDM procedural help about certain tasks. See the "ASDM Assistant" section for more information.
SIP Details	Shows and hides voice network information.
Latest ASDM Syslog Messages	Shows and hides the display of the Latest ASDM Syslog Messages pane in the Home view. This pane is only available in the Home view. If you do not have sufficient memory to upgrade to the most current release, syslog message %ASA-1-211004 is generated, indicating what the installed memory is and what the required memory is. This message reappears every 24 hours until the memory is upgraded.
Addresses	Shows and hides the display of the Addresses pane. The Addresses pane is only available for the Access Rules, NAT Rules, Service Policy Rules, AAA Rules, and Filter Rules panes in the Configuration view.
Services	Shows and hides the display of the Services pane. The Services pane is only available for the Access Rules, NAT Rules, Service Policy Rules, AAA Rules, and Filter Rules panes in the Configuration view.
Time Ranges	Shows and hides the display of the Time Ranges pane. The Time Ranges pane is only available for the Access Rules, Service Policy Rules, AAA Rules, and Filter Rules panes in the Configuration view.
Global Pools	Shows and hides the display of the Global Pools pane. The Global Pools pane is only available for the NAT Rules pane in the Configuration view.
Find in ASDM	Locates an item for which you are searching, such as a feature or the ASDM Assistant.
Back	Returns to the previous pane. See the "Common Buttons" section for more information.
Forward	Goes to the next pane previously visited. See the "Common Buttons" section for more information.
Reset Layout	Returns the layout to the default configuration.
Office Look and Feel	Changes the screen fonts and colors to the Microsoft Office settings.

Tools Menu

The Tools menu provides you with the following series of tools to use in ASDM.

Tools Menu Item	Description
Command Line Interface	Sends commands to the adaptive security appliance and view the results. See the "Getting Started With the Configuration" section on page 2-8 for more information.
Show Commands Ignored by ASDM on Device	Displays unsupported commands that have been ignored by ASDM. See the "Showing Commands Ignored by ASDM on the Device" section on page 2-10 for more information.
Packet Tracer	Traces a packet from a specified source address and interface to a destination. You can specify the protocol and port of any type of data and view the lifespan of a packet, with detailed information about actions taken on it. See the "Tracing Packets with Packet Tracer" section on page 77-7 for more information.
Ping	Verifies the configuration and operation of the adaptive security appliance and surrounding communications links, as well as performs basic testing of other network devices. See the "Verifying ASA Configuration and Operation, and Testing Interfaces Using Ping" section on page 77-3 for more information.
Traceroute	Determines the route that packets will take to their destination. See the "Determining Packet Routing with Traceroute" section on page 77-6 for more information.
File Management	Views, moves, copies, and deletes files stored in flash memory. You can also create a directory in flash memory. See the "Managing Files" section on page 76-1 for more information. You can also transfer files between various file systems, including TFTP, flash memory, and your local PC. See the "Transferring Files" section on page 76-5 for more information.
Upgrade Software from Local Computer	Uploads a adaptive security appliance image, ASDM image, or another image on your PC to flash memory. See the "Upgrading Software from Your Local Computer" section on page 76-10 dialog box for more information.
Check for ASA/ASDM Updates	Upgrades adaptive security appliance software and ASDM software through a wizard. See the "Upgrading Software from the Cisco.com Wizard" section on page 76-11 for more information.
Backup Configurations	Backs up the adaptive security appliance configuration, a Cisco Secure Desktop image, and SSL VPN Client images and profiles. See the "Backing Up Configurations" section on page 76-13 for more information.
Restore Configurations	Restores the adaptive security appliance configuration, a Cisco Secure Desktop image, and SSL VPN Client images and profiles. See the "Restoring Configurations" section on page 76-16 for more information.
System Reload	Restarts the ASDM and reload the saved configuration into memory. See the "Scheduling a System Restart" section on page 76-12 for more information.
Administrator's Alerts to Clientless SSL VPN Users	Enable an administrator to send an alert message to clientless SSL VPN users. See the "Sending an Administrator's Alert to Clientless SSL VPN Users" section on page 77-12 for more information.
Preferences	Changes the behavior of specified ASDM functions between sessions. See the "Defining ASDM Preferences" section on page 9-11 for more information.
ASDM Java Console	Shows the Java console. See the "Viewing and Copying Logged Entries with the ASDM Java Console" section on page 77-12 for more information.

Wizards Menu

The Wizards menu lets you run a wizard to configure multiple features. The following table lists the available Wizards and their features.

Wizards Menu Item	Description
Startup Wizard	Guides you, step-by-step, through the initial configuration of the adaptive security appliance. For more information, see Using the Startup Wizard.
IPSec VPN Wizard	Enables you to configure an IPSec VPN policy on the adaptive security appliance. For more information, see the IPSec VPN Wizard.
SSL VPN Wizard	Enables you to configure an SSL VPN policy on the adaptive security appliance. For more information, see the SSLVPN Wizard.
High Availability and Scalability Wizard	Allows you to configure failover and VPN cluster load balancing on the adaptive security appliance. For more information, see Accessing the High Availability and Scalability Wizard.
Unified Communication Wizard	Enables you to configure unified communication features, such as an IP phone, on the adaptive security appliance. For more information, see the Using the Cisco Unified Communication Wizard.
Packet Capture Wizard	Allows you to configure packet capture on the adaptive security appliance. The wizard runs one packet capture on each ingress and egress interface. After you run the capture, you can save it on your computer, and then examine and analyze the capture with a packet analyzer. For more information, see the "Configuring and Running Captures with the Packet Capture Wizard" section on page 77-8.

Window Menu

The Window menu enables you to move between ASDM windows. The active window appears as the selected window.

Help Menu

The Help menu provides links to online Help, as well as information about ASDM and the adaptive security appliance. The following table lists the tasks that you can perform using the Help menu.

Help Menu Items	Description
Help Topics	Opens a new browser window with help organized by contents, window name, and indexed in the left frame. Use these methods to find help for any topic, or search using the Search tab.
Help for Current Screen	Opens context-sensitive help about that screen. The wizard runs the screen, pane, or dialog box that is currently open. Alternatively, you can also click the question mark (?) help icon.
Release Notes	Opens the most current version of the Release Notes for Cisco ASDM on Cisco.com. The release notes contain the most current information about ASDM software and hardware requirements, and the most current information about changes in the software.
ASDM Assistant	Opens the ASDM Assistant, which lets you search downloadable content from Cisco.com, with details about performing certain tasks.
About Cisco Adaptive Security Appliance (ASA)	Displays information about the adaptive security appliance, including the software version, hardware set, configuration file loaded at startup, and software image loaded at startup. This information is helpful in troubleshooting.
About Cisco ASDM 6.3	Displays information about ASDM such as the software version, hostname, privilege level, operating system, device type, and Java version.

Toolbar

The Toolbar below the menus provides access to the Home view, Configuration view, and Monitoring view. It also lets you choose between the system and security contexts in multiple context mode, and provides navigation and other commonly used features. The following table lists the tasks that you can perform using the Toolbar.

Toolbar Button	Description
System/Contexts	Shows which context you are in. To open the context list in the left-hand pane, click the down arrow, then click the up arrow to restore the context drop-down list. After you have expanded this list, click the left arrow to collapse the pane, then the right arrow to restore the pane. To manage the system, choose System from the drop-down list. To manage the context, choose one from the drop-down list.
Home	Displays the Home pane, which lets you view important information about your adaptive security appliance such as the status of your interfaces, the version you are running, licensing information, and performance. See the "Home Pane (Single Mode and Context)" section for more information. In multiple mode, the system does not have a Home pane.
Configuration	Configures the adaptive security appliance. Click a function button in the left Navigation pane to configure that function.
Monitoring	Monitors the adaptive security appliance. Click a function button in the left Navigation pane to configure that function.
Back	Returns to the last pane of ASDM that you visited.
Forward	Goes forward to the last pane of ASDM that you visited.
Search	Searches for a feature in ASDM. The Search function looks through the titles of each pane and presents you with a list of matches, and gives you a hyperlink directly to that pane. If you need to switch quickly between two different panes that you found, click Back or Forward. See the "ASDM Assistant" section for more information.
Refresh	Refreshes ASDM with the current running configuration, except for graphs in any of the Monitoring panes.
Save	Saves the running configuration to the startup configuration for write-accessible contexts only.
Help	Shows context-sensitive help for the screen that is currently open.

ASDM Assistant

The ASDM Assistant lets you search and view useful ASDM procedural help about certain tasks. This feature is available in routed and transparent modes, and in the single and system contexts.

To access information, choose View > ASDM Assistant > How Do I? or enter a search request from the Look For field in the menu bar. From the Find drop-down list, choose How Do I? to begin the search.

To use the ASDM Assistant, perform the following steps:

---

Step 1 In the main ASDM application window, choose View > ASDM Assistant.

The ASDM Assistant pane appears.

Step 2 In the Search field, enter the information that you want to find, and click Go.

The requested information appears in the Search Results pane.

Step 3 Click any links that appear in the Search Results and Features areas to obtain more details.

---

Status Bar

The status bar appears at the bottom of the ASDM window. The following table lists the areas shown from left to right.

Area	Description
Status	The status of the configuration (for example, "Device configuration loaded successfully.")
Failover	The status of the failover unit, either active or standby.
User Name	The username of the ASDM user. If you logged in without a username, the username is "admin."
User Privilege	The privilege of the ASDM user.
Commands Ignored by ASDM	Click the icon to show a list of commands from your configuration that ASDM did not process. These commands will not be removed from the configuration.
Connection to Device	The ASDM connection status to the adaptive security appliance. See the "Connection to Device" section for more information.
Syslog Connection	The syslog connection is up, and the adaptive security appliance is being monitored.
SSL Secure	The connection to ASDM is secure because it uses SSL.
Time	The time that is set on the adaptive security appliance.

Connection to Device

ASDM maintains a constant connection to the adaptive security appliance to maintain up-to-date Monitoring and Home pane data. This dialog box shows the status of the connection. When you make a configuration change, ASDM opens a second connection for the duration of the configuration, and then closes it; however, this dialog box does not represent the second connection.

Device List

The device list is a dockable pane. You can click one of the three buttons in the header to maximize or restore this pane, make it a floating pane that you can move, hide it, or close it. This pane is available in the Home, Configuration, Monitoring, and System views. You can use this pane to switch to another device; however, that device must run the same version of ASDM that you are currently running. To display the pane fully, you must have at least two devices listed. This feature is available in routed and transparent modes, and in the single, multiple, and system contexts.

To use this pane to connect to another device, perform the following steps:

---

Step 1 Click Add to add another device to the list.

The Add Device dialog box appears.

Step 2 In the Device/IP Address/Name field, type the device name or IP address of the device, and then click OK.

Step 3 Click Delete to remove a selected device from the list.

Step 4 Click Connect to connect to another device.

The Enter Network Password dialog box appears.

Step 5 Type your username and password in the applicable fields, and then click Login.

---

Device Environment Status

Common Buttons

Many ASDM panes include buttons that are listed in the following table. Click the applicable button to complete the desired task:

Button	Description
Apply	Sends changes made in ASDM to the adaptive security appliance and applies them to the running configuration.
Save	Writes a copy of the running configuration to flash memory.
Reset	Discards changes and reverts to the information displayed before changes were made or the last time that you clicked Refresh or Apply. After you click Reset, click Refresh to make sure that information from the current running configuration appears.
Restore Default	Clears the selected settings and returns to the default settings.
Cancel	Discards changes and returns to the previous pane.
Enable	Displays read-only statistics for a feature.
Close	Closes an open dialog box.
Clear	Remove information from a field, or remove a check from a check box.
Back	Returns to the previous pane.
Forward	Goes to the next pane.
Help	Displays help for the selected pane or dialog box.

Keyboard Shortcuts

You can use the keyboard to navigate the ASDM user interface.

Table 3-1 lists the keyboard shortcuts you can use to move across the three main areas of the ASDM user interface.

Table 3-1 Keyboard Shortcuts Within the Main Window 

To display the	Windows/Linux	MacOS
Home Pane	Ctrl+H	Shift+Command+H
Configuration Pane	Ctrl+G	Shift+Command+G
Monitoring Pane	Ctrl+M	Shift+Command+M
Help	F1	Command+?
Back	Alt+Left Arrow	Command+[
Forward	Alt+Rightarrow	Command+]
Refresh the display	F5	Command+R
Cut	Ctrl+X	Command+X
Copy	Ctrl+C	Command+C
Paste	Ctrl+V	Command+V
Save the configuration	Ctrl+S	Command+S
Popup menus	Shift+F10	—
Close a secondary window	Alt+F4	Command+W
Find	Ctrl+F	Command+F
Exit	Alt+F4	Command+Q
Exit a table or text area	Ctrl_Shift or Ctrl+Shift+Tab	Ctril+Shift or Ctrl+Shift+Tab

Table 3-2 lists the keyboard shortcut you can use to navigate within a pane.

Table 3-2 Keyboard Shortcuts Within a Pane 

To move the focus to the	Press
Next field	Tab
Previous field	Shift+Tab
Next field when the focus is in a table	Ctrl+Tab
Previous field when the focus is in a table	Shift+Ctrl+Tab
Next tab (when a tab has the focus)	Right Arrow
Previous tab (when a tab has the focus)	Left Arrow
Next cell in a table	Tab
Previous sell in a table	Shift+Tab
Next pane (when multiple panes are displayed)	F6
Previous pane (when multiple panes are displayed)	Shift+F6

Table 3-3 lists the keyboard shortcuts you can use with the Log Viewers.

Table 3-3 Keyboard Shortcuts for the Log Viewer 

To	Windows/Linux	MacOS
Pause and Resume Real-Time Log Viewer	Ctrl+U	Command+
Refresh Log Buffer Pane	F5	Command+R
Clear Internal Log Buffer	Ctrl+Delete	Command+Delete
Copy Selected Log Entry	Ctrl+C	Command+C
Save Log	Ctrl+S	Command+S
Print	Ctrl+P	Command+P
Close a secondary window	Alt+F4	Command+W

Table 3-4 lists the keyboard shortcuts you can use to access menu items.

Table 3-4 Keyboard Shortcuts to Access Menu Items

To access the	Windows/Linux
Menu Bar	Alt
Next Menu	Right Arrow
Previous Menu	Left Arrow
Next Menu Option	Down Arrow
Previous Menu Option	Up Arrow
Selected Menu Option	Enter

Enabling Extended Screen Reader Support

By default, labels and descriptions are not included in tab order when you press the Tab key to navigate a pane. Some screen readers, such as JAWS, only read screen objects that have the focus. You can include the labels and descriptions in the tab order by enabling extended screen reader support.

To enable extended screen reader support, perform the following steps:

---

Step 1 In the main ASDM application window, choose Tools > Preferences.

The Preferences dialog box appears.

Step 2 On the General tab, check the Enable screen reader support check box.

Step 3 Click OK.

Step 4 Restart ASDM to activate screen reader support.

---

Organizational Folder

Some folders in the navigation pane for the configuration and monitoring views do not have associated configuration or monitoring panes. These folders are used to organize related configuration and monitoring tasks. Clicking these folders displays a list of sub-items in the right Navigation pane. You can click the name of a sub-item to go to that item.

About the Help Window

This section includes the following topics:

•Header Buttons

•Browser Window

Header Buttons

To obtain the information that you need, click the applicable button listed in the following table.

Button	Description
About ASDM	Displays information about ASDM, including the hostname, version number, device type, adaptive security appliance software version number, privilege level, username, and operating system being used.
Search	Searches for information among online help topics.
Using Help	Describes the most efficient methods for using online help.
Glossary	Lists terms found in ASDM and adaptive security appliances.
Contents	Displays a table of contents.
Screens	Lists help files by screen name.
Index	Displays an index of help topics found in ASDM online help.

Browser Window

When you open help and a help page is already open, the new help page will appear in the same browser window. If no help page is open, then the help page will appear in a new browser window.

When you open help and Netscape Communicator is the default browser, the help page will appear in a new browser window. If Internet Explorer is the default browser, the help page may appear either in the last-visited browser window or in a new browser window, according to your browser settings. You can control this behavior in Internet Explorer by choosing Tools > Internet Options > Advanced > Reuse windows for launching shortcuts.

Home Pane (Single Mode and Context)

The ASDM Home pane lets you view important information about your adaptive security appliance. Status information in the home pane is updated every ten seconds. This pane usually has two tabs: Device Dashboard and Firewall Dashboard.

If you have a CSC SSM installed in your adaptive security appliance, the Content Security tab also appears in the Home pane. The additional tab displays status information about the CSC SSM software.

If you have IPS software installed in your adaptive security appliance, the Intrusion Prevention tab also appears in the Home pane. The additional tab displays status information about the IPS software.

This section includes the following topics:

•Device Dashboard Tab

•Firewall Dashboard Tab

•Content Security Tab

•Intrusion Prevention Tab

Device Dashboard Tab

The Device Dashboard tab lets you view, at a glance, important information about your adaptive security appliance, such as the status of your interfaces, the version you are running, licensing information, and performance.

Figure 3-2 shows the elements of the Device Dashboard tab.

Figure 3-2 Device Dashboard Tab

Legend

GUI Element	Description
1	Device Information Pane
2	Interface Status Pane
3	VPN Sessions Pane
4	Traffic Status Pane
5	System Resources Status Pane
6	Traffic Status Pane
See Figure 3-3	Latest ASDM Syslog Messages Pane

Device Information Pane

The Device Information pane includes two tabs that show device information:

•General Tab

•License Tab

General Tab

This tab shows basic information about the adaptive security appliance, including the hostname, software version, and RAM.

---

Note If you do not have enough memory to upgrade to the most current release of the adaptive security appliance, the Memory Insufficient Warning dialog box appears. Follow the directions that appear in this dialog box to continue using the adaptive security appliance and ASDM in a supported manner. Click OK to close this dialog box.

---

License Tab

This tab shows a subset of licensed features. To view detailed license information, or to enter a new activation key, click More Licenses; the Configuration > Device Management > Licensing > Activation Key pane appears. See Chapter 4, "Managing Feature Licenses."

Interface Status Pane

This pane shows the status of each interface. If you select an interface row, the input and output throughput in Kbps displays below the table.

VPN Sessions Pane

This pane shows the VPN tunnel status. Click Details to go to the Monitoring > VPN > VPN Statistics > Sessions pane.

Failover Status Pane

This pane shows the failover status.

Click Configure to start the High Availability and Scalability Wizard. After you have completed the wizard, the failover configuration status (either Active/Active or Active/Standby) appears.

If failover is configured, click Details to open the Monitoring > Properties > Failover > Status pane.

System Resources Status Pane

This pane shows CPU and memory usage statistics.

Traffic Status Pane

This pane shows graphs for connections per second for all interfaces and for the traffic throughput of the lowest security interface.

When your configuration contains multiple lowest security level interfaces, and any one of them is named "outside," then that interface is used for the traffic throughput graphs. Otherwise, ASDM picks the first interface from the alphabetical list of lowest security level interfaces.

Latest ASDM Syslog Messages Pane

This pane shows the most recent system messages generated by the adaptive security appliance, up to a maximum of 100 messages. If logging is disabled, click Enable Logging to enable logging.

Figure 3-3 shows the elements of the Latest ASDM Syslog Messages pane.

Figure 3-3 Latest ASDM Syslog Messages Pane

Legend

GUI Element	Description
1	To resize the pane, drag the divider up or down.
2	Expands the pane. To return the pane to the default size, click the double-square icon.
3	Makes a floating pane. To dock the pane, click the docked pane icon.
4	Enables or disables Auto-hide. When Auto-hide is enabled, move your cursor over the Latest ASDM Syslog Messages button in the left, bottom corner and the pane displays. Move your cursor away from the pane, and it disappears.
5	Closes the pane. To show the pane, choose View Latest ASDM Syslog Messages.
6	To continue updating the display of syslog messages, click the green icon on the right-hand side.
7	To stop updating the display of syslog messages, click the red icon on the right-hand side.
8	To open the Logging Filters pane, click the filters icon on the right-hand side.

•To clear the current messages, right-click an event and click Clear Content.

•To save the current messages to a file on your PC, right-click an event and click Save Content.

•To copy the current content, right-click an event and click Copy.

•To change the background and foreground colors of syslog messages according to their severity, right-click an event and click Color Settings.

Firewall Dashboard Tab

The Firewall Dashboard tab lets you view important information about the traffic passing through your adaptive security appliance. This dashboard differs depending on whether you are in single context mode or multiple context mode. In multiple context mode, the Firewall Dashboard is viewable within each context.

Figure 3-4 shows some of the elements of the Firewall Dashboard tab.

Figure 3-4 Firewall Dashboard Tab

Legend

GUI Element	Description
1	Traffic Overview Pane
2	Top 10 Access Rules Pane
3	Top Usage Status Pane
(not shown)	Top Ten Protected Servers Under SYN Attack Pane
(not shown)	Top 200 Hosts Pane
(not shown)	Top Botnet Traffic Filter Hits Pane

Traffic Overview Pane

Enabled by default. If you disable basic threat detection (see the "Configuring Basic Threat Detection Statistics" section on page 52-4), then this area includes an Enable button that lets you enable basic threat detection. The runtime statistics include the following information, which is display-only:

•The number of connections and NAT translations.

•The rate of dropped packets per second caused by access list denials and application inspections.

•The rate of dropped packets per second that are identified as part of a scanning attack, or that are incomplete sessions detected, such as TCP SYN attack detected or no data UDP session attack detected.

Top 10 Access Rules Pane

Enabled by default. If you disable threat detection statistics for access rules (see the "Configuring Advanced Threat Detection Statistics" section on page 52-5), then this area includes an Enable button that lets you enable statistics for access rules.

In the Table view, you can select a rule in the list and right-click the rule to display a popup menu item, Show Rule. Choose this item to go to the Access Rules table and select that rule in this table.

Top Usage Status Pane

Disabled by default. This area includes Enable buttons that let you enable the features, or you can enable them according to the "Configuring Basic Threat Detection Statistics" section on page 52-4. The Top 10 Services Enable button enables statistics for both ports and protocols (both must be enabled for the display). The Top 10 Sources and Top 10 Destinations Enable buttons enable statistics for hosts. The top usage status statistics for hosts (sources and destinations), and ports and protocols are displayed.

---

Caution Enabling statistics can affect the adaptive security appliance performance, depending on the type of statistics enabled. Enabling statistics for hosts affects performance in a significant way; if you have a high traffic load, you might consider enabling this type of statistics temporarily. Enabling statistics for ports, however, has a modest effect.

---

Top Ten Protected Servers Under SYN Attack Pane

Disabled by default. This area includes an Enable button that lets you enable the feature, or you can enable it according to the "Configuring Basic Threat Detection Statistics" section on page 52-4. Statistics for the top ten protected servers under attack are displayed.

For the average rate of attack, the adaptive security appliance samples the data every 30 seconds over the rate interval (by default 30 minutes).

If there is more than one attacker, then "<various>" displays, followed by the last attacker IP address.

Click Detail to view statistics for all servers (up to 1000) instead of just 10 servers. You can also view history sampling data. The adaptive security appliance samples the number of attacks 60 times during the rate interval, so for the default 30-minute period, statistics are collected every 60 seconds.

Top 200 Hosts Pane

Disabled by default. Shows the top 200 hosts connected through the adaptive security appliance. Each entry of a host contains the IP address of the host and the number of connections initiated by the host, and is updated every 120 seconds. To enable this display, enter the hpm topnenable command.

Top Botnet Traffic Filter Hits Pane

Disabled by default. This area includes links to configure the Botnet Traffic Filter. Reports of the top ten botnet sites, ports, and infected hosts provide a snapshot of the data, and may not match the top ten items since statistics started to be collected. If you right-click an IP address, you can invoke the whois tool to learn more about the botnet site.

For more information, see Configuring the Botnet Traffic Filter.

Content Security Tab

The Content Security tab lets you view important information about the Content Security and Control (CSC) SSM. This pane appears only if CSC software running on the CSC SSM is installed in the adaptive security appliance.

For an introduction to the CSC SSM, see the "Information About the CSC SSM" section on page 56-1.

---

Note If you have not completed the CSC Setup Wizard by choosing Configuration > Trend Micro Content Security > CSC Setup, you cannot access the panes under Home > Content Security. Instead, a dialog box appears and lets you access the CSC Setup Wizard directly from this location.

---

Figure 3-5 shows the elements of the Content Security tab.

Figure 3-5 Content Security Tab

Legend

GUI Element	Description
1	CSC SSM Information pane.
2	Threat Summary pane. Shows aggregated data about threats detected by the CSC SSM, including the following threat types: Virus, Spyware, URL Filtered or Blocked, Spam. Blocked, Files Blocked, and Damage Control Services.
3	System Resources Status pane.
4	Email Scan pane. The graphs display data in ten-second intervals.
5	Latest CSC Security Events pane.

Intrusion Prevention Tab

The Intrusion Prevention tab lets you view important information about IPS. This tab appears only when you have IPS software running on the AIP SSM that is installed on the adaptive security appliance.

To connect to the IPS software on the AIP SSM, perform the following steps:

---

Step 1 In the main ASDM application window, click the Intrusion Prevention tab.

Step 2 In the Connecting to IPS dialog box, choose one of the following options:

•Management IP Address, which connects to the IP address of the management port on the SSM.

•Other IP Address or Hostname, which connects to an alternate IP address or hostname on the SSM.

Step 3 Enter the port number in the Port field, and then click Continue.

Step 4 In the Enter Network Password dialog box, type your username and password in the applicable fields, and then click Login.

---

For more information about intrusion prevention, see Configuring the IPS Module.

Figure 3-6 shows the elements of the Health Dashboard tab, located on the Intrusion Prevention tab.

Figure 3-6 Intrusion Prevention Tab (Health Dashboard)

Legend

GUI Element	Description
1	Sensor Information pane.
2	Sensor Health pane.
3	CPU, Memory, and Load pane.
4	Interface Status pane.
5	Licensing pane.

Home Pane (System)

The ASDM System Home pane lets you view important status information about your adaptive security appliance. Many of the details available in the ASDM System Home pane are available elsewhere in ASDM, but this pane shows at-a-glance how your adaptive security appliance is running. Status information in the System Home pane is updated every ten seconds.

Figure 3-7 shows the elements of the System Home pane.

Figure 3-7 System Home Pane

Legend

GUI Element	Description
1	System vs. Context selection.
2	Interface Status pane. Choose an interface to view the total amount of traffic through the interface.
3	Connection Status pane.
4	CPU Status pane.
5	Memory Status pane.