Is span monitoring on Cisco ASA 5520 possible?

From what I have read, you can use the switchport monitor command on ASA 5505's to setup a Span port due to the back of the ASA actually being a switch.

On my 5520, I do not see the switchport command listed when issuing a ? via the CLI. How do people monitor traffic on non-5505's? My goal is to connect our IDS/IPS device that is running is promiscuous mode to a Ethernet port on the 5520 to monitor WAN traffic.

I do not want to have to pass the WAN traffic through a switch as it would require me to get two (for redundancy) STP/switchport capable switches. Also, we have the 4GE SSM module for fiber WAN connectivity installed on the device so adding the IPS module is not an option.

Our IPS system is the Cisco IPS 4240. Would another option be to have Netflow or verbose syslog messages sent to the IPS device?

Guide to setting up switchport access on a 5505: http://www.wr-mem.com/?p=66

I've tried that: ciscoasa(config-if)# ^switchport monitor g0/3 ERROR: % Invalid input detected at ^ On a 5520 with 8.2 I don't think that a switchport command it an option on anything other than the 5505's. It isn't even showing up in the ? when it lists the available commands.

Interesting... Yup, just confirmed that it works on my 5505, but not my 5510. I'll see what else I can dig up.

5510+'s don't have a switch backing to the ports.

@Zypher: Yup, just updated my answer once I found that out. :)