Cisco Systems ASA 5580 Webcam User Manual


 
11-34
Cisco ASA Series Firewall ASDM Configuration Guide
Chapter 11 Configuring Inspection of Basic Internet Protocols
HTTP Inspection
URI filtering: Not configured
Advanced inspections: Not configured
High
Protocol violation action: Drop connection and log
Drop connections for unsafe methods: Allow only GET and HEAD.
Drop connections for requests with non-ASCII headers: Enabled
URI filtering: Not configured
Advanced inspections: Not configured
URI Filtering—Opens the URI Filtering dialog box which lets you configure the settings for an
URI filter.
Default Level—Sets the security level back to the default.
Details—Shows the Parameters and Inspections tabs to configure additional settings.
Add/Edit HTTP Policy Map (Details)
The Add/Edit HTTP Policy Map (Details) dialog box is accessible as follows:
Configuration > Global Objects > Inspect Maps > HTTP > HTTP Inspect Map > Advanced View
The Add/Edit HTTP Policy Map pane lets you configure the security level and additional settings for
HTTP application inspection maps.
Fields
Name—When adding an HTTP map, enter the name of the HTTP map. When editing an HTTP map,
the name of the previously configured HTTP map is shown.
Description—Enter the description of the HTTP map, up to 200 characters in length.
Security Level—Shows the security level and URI filtering settings to configure.
Parameters—Tab that lets you configure the parameters for the HTTP inspect map.
Check for protocol violations—Checks for HTTP protocol violations.
Action—Drop Connection, Reset, Log.
Log—Enable or disable.
Spoof server string—Replaces the server HTTP header value with the specified string.
Spoof String—Enter a string to substitute for the server header field. Maximum is 82 characters.
Body Match Maximum—The maximum number of characters in the body of an HTTP message
that should be searched in a body match. Default is 200 bytes. A large number will have a
significant impact on performance.
Inspections—Tab that shows you the HTTP inspection configuration and lets you add or edit.
Match Type—Shows the match type, which can be a positive or negative match.
Criterion—Shows the criterion of the HTTP inspection.
Value—Shows the value to match in the HTTP inspection.
Action—Shows the action if the match condition is met.
Log—Shows the log state.