11-32
Cisco ASA Series Firewall ASDM Configuration Guide
Chapter 11 Configuring Inspection of Basic Internet Protocols
HTTP Inspection
HTTP Inspect Map
The HTTP Inspect Map dialog box is accessible as follows:
Configuration > Global Objects > Inspect Maps > HTTP
The HTTP pane lets you view previously configured HTTP application inspection maps. An HTTP map
lets you change the default configuration values used for HTTP application inspection.
HTTP application inspection scans HTTP headers and body, and performs various checks on the data.
These checks prevent various HTTP constructs, content types, and tunneling and messaging protocols
from traversing the security appliance.
HTTP application inspection can block tunneled applications and non-ASCII characters in HTTP
requests and responses, preventing malicious content from reaching the web server. Size limiting of
various elements in HTTP request and response headers, URL blocking, and HTTP server header type
spoofing are also supported.
Fields
• HTTP Inspect Maps—Table that lists the defined HTTP inspect maps.
• Add—Configures a new HTTP inspect map. To edit an HTTP inspect map, choose the HTTP entry
in the HTTP Inspect Maps table and click Customize.
• Delete—Deletes the inspect map selected in the HTTP Inspect Maps table.
• Security Level—Select the security level (low, medium, or high).
–
Low—Default.
Protocol violation action: Drop connection
Drop connections for unsafe methods: Disabled
Drop connections for requests with non-ASCII headers: Disabled
URI filtering: Not configured
Advanced inspections: Not configured
–
Medium
Protocol violation action: Drop connection
Drop connections for unsafe methods: Allow only GET, HEAD, and POST
Drop connections for requests with non-ASCII headers: Disabled
URI filtering: Not configured
Advanced inspections: Not configured
–
High
Protocol violation action: Drop connection and log
Drop connections for unsafe methods: Allow only GET and HEAD.
Drop connections for requests with non-ASCII headers: Enabled
URI filtering: Not configured
Advanced inspections: Not configured
–
URI Filtering—Opens the URI Filtering dialog box to configure URI filters.
–
Customize—Opens the Edit HTTP Policy Map dialog box for additional settings.
–
Default Level—Sets the security level back to the default level of Medium.