Cisco Systems ASA 5585-X Webcam User Manual


 
11-40
Cisco ASA Series Firewall ASDM Configuration Guide
Chapter 11 Configuring Inspection of Basic Internet Protocols
Instant Messaging Inspection
IM Inspection Overview
The IM inspect engine lets you apply fine grained controls on the IM application to control the network
usage and stop leakage of confidential data, propagation of worms, and other threats to the corporate
network.
Adding a Class Map for IM Inspection
Use the Add Service Policy Rule Wizard - Rule Actions dialog box to configure IP Options inspection.
This wizard is available from the Configuration > Firewall > Service Policy Rules > Add > Add Service
Policy Rule Wizard - Rule Actions dialog box.
Step 1 Choose Configuration > Firewall > Objects > Class Maps > Instant Messaging (IM). The table
displaying the configured class maps for Instant Messaging Inspection appears.
Step 2 To add a new class map, click Add. The Add Instant Messaging (IM) Traffic Class Map dialog box
appears.
Step 3 Enter a name for the class map.
Step 4 (Optional) Enter a description for the class map. The description can contain up to 200 characters.
Step 5 In the Match Option field, click an option for the class map:
Match All—Specifies that traffic must match all criteria to match the class map. By default, the
Match All option is selected.
Match Any—Specifies that the traffic matches the class map if it matches at least one of the criteria.
Step 6 Click Add to add a match criteria for the class map. The Add Instant Messaging (IM) Match Criterion
dialog box appears.
Step 7 In the Match Type field, click the Match or No Match radio button.
Step 8 In the Criterion drop-down list, select one of the following options and specify the criteria value.
Depending on which option you select, the Value fields dynamically refresh to display the appropriate
values for that criteria.
Protocol—Select to match traffic of a specific IM protocol, such as Yahoo Messenger or MSN
Messenger.
Service—Select to match a specific IM service, such as chat, file-transfer, webcam, voice-chat,
conference, or games.
Version—Select to match the version of the IM message. In the Value fields, click the Regular
Expression or Regular Expression Class option and select an expression from the drop-down list.
See Configuring Regular Expressions, page 20-11 in the general operations configuration guide.
Client Login Name—Select to match the source login name of the IM message. In the Value fields,
click the Regular Expression or Regular Expression Class option and select an expression from
the drop-down list.
See Configuring Regular Expressions, page 20-11 in the general operations configuration guide.
Client Peer Login Name—Select to match the destination login name of the IM message. In the
Value fields, click the Regular Expression or Regular Expression Class option and select an
expression from the drop-down list.
See Configuring Regular Expressions, page 20-11 in the general operations configuration guide.