Functional Screens

In addition to the Home screen, the ASDM interface comes with the following two functional screens:

• Configuration screen
• Monitoring screen

Configuration Screen

The Configuration screen is useful when the new or existing configuration needs to be modified. It contains on the left side eight or nine Features icons, depending on the hardware setup of Cisco ASA, as shown in Figure 18-11.

Figure 18-11. Configuration Screen

Here are the Features icons of the Configuration screen:

• Interfaces Configures interfaces and sub-interfaces on the security Cisco ASA. This panel is discussed in the section "Interface Management," later in the chapter.
• Security Policy Helpful in creating security policies to filter packets traversing through Cisco ASA. This panel is discussed in Chapter 19, "Firewall Management Using ASDM."
• NAT Creates policies for address translation. This panel is discussed in Chapter 19.
• VPN Sets up the site-to-site and remote-access VPN tunnels. This panel is discussed in Chapter 21, "VPN Management Using ASDM."
• IPS Sets up policies for the SSM card to monitor and drop unauthorized packets. This icon is not visible if an SSM card is not present. This panel is discussed in Chapter 20, "IDS Management Using ASDM."
• Routing Helpful in setting up the static routes and dynamic routing protocols. This panel is discussed in Chapter 19.
• Building Blocks Enables and modifies parameters for the inspection engines. Chapter 19 discusses this panel.
• Device Administration Here, the basic device features can be set up. These features are discussed later in this chapter.
• Properties Helpful in setting up the basic software features, such as system logging and failover. Some of the features are discussed in this chapter and the remaining features are introduced in Chapter 19.

Monitoring Screen

The Monitoring screen displays statistics about the hardware and software features of the security Cisco ASA. ASDM provides real-time graphs to monitor the health and status of Cisco ASA. Figure 18-12 shows the initial Monitoring screen.

Figure 18-12. Monitoring Screen

Similar to the Configuration screen, the Monitoring screen also displays seven or eight icons, depending on whether or not you have the SSM module installed.

Here are the Features icons of the Configuration screen:

• Interfaces Monitors interfaces and sub-interfaces by maintaining ARP, DHCP, and dynamic ACLs tables. It also provides a graphical representation of interface utilization and packet throughput.
• VPN Monitors the active VPN connections on the security Cisco ASA. This panel is discussed in Chapter 21.
• IPS Provides statistical information for the packets going through the IPS engine. This panel is discussed in Chapter 20. This icon is not present if the IPS module is not installed.
• Routing Displays the current routing table and OSPF LSA types.
• Administration Monitors active administrative sessions such as Telnet, SSH, and ASDM. It also provides graphical information about CPU, memory, and blocks utilization.
• Connection Graphs Provides graphical information about the active translations and UDP/TCP connections.
• Logging Displays log messages as live events. It also shows log messages from the buffer space.
• IP Audit Provides graphical information if the IP audit feature is enabled. This panel is discussed in Chapter 20.