Cisco Systems ASA 5510 Network Router User Manual


  Open as PDF
of 2086
 
48-30
Cisco ASA 5500 Series Configuration Guide using ASDM
Chapter 48 Configuring Inspection for Voice and Video Protocols
SIP Inspection
Request Method—Specifies a request method: ack, bye, cancel, info, invite, message, notify,
options, prack, refer, register, subscribe, unknown, update.
Third-Party Registration Criterion Values—Specifies to match the requester of a third-party
registration. Applies the regular expression match.
Regular Expression—Lists the defined regular expressions to match.
Manage—Opens the Manage Regular Expressions dialog box, which lets you configure regular
expressions.
Regular Expression Class—Lists the defined regular expression classes to match.
Manage—Opens the Manage Regular Expression Class dialog box, which lets you configure
regular expression class maps.
URI Length Criterion Values—Specifies to match a URI of a selected type and greater than the
specified length in the SIP headers.
URI type—Specifies to match either SIP URI or TEL URI.
Greater Than Length—Length in bytes.
Modes
The following table shows the modes in which this feature is available:
SIP Inspect Map
Configuration > Global Objects > Inspect Maps > SIP
The SIP pane lets you view previously configured SIP application inspection maps. A SIP map lets you
change the default configuration values used for SIP application inspection.
SIP is a widely used protocol for Internet conferencing, telephony, presence, events notification, and
instant messaging. Partially because of its text-based nature and partially because of its flexibility, SIP
networks are subject to a large number of security threats.
SIP application inspection provides address translation in message header and body, dynamic opening
of ports and basic sanity checks. It also supports application security and protocol conformance, which
enforce the sanity of the SIP messages, as well as detect SIP-based attacks.
Fields
SIP Inspect Maps—Table that lists the defined SIP inspect maps.
Add—Configures a new SIP inspect map. To edit a SIP inspect map, choose the SIP entry in the SIP
Inspect Maps table and click Customize.
Delete—Deletes the inspect map selected in the SIP Inspect Maps table.
Security Level—Select the security level (high or low).
Low—Default.
Firewall Mode Security Context
Routed Transparent Single
Multiple
Context System
••••