Filter
Top Products
22-4
Cisco ASDM User Guide
OL-16647-01
Chapter 22 Configuring Service Policy Rules
Service Policy Overview
Note Application inspection includes multiple inspection types, and each inspection type is a separate feature
when you consider the matching guidelines above.
Order in Which Multiple Feature Actions within a Rule are Applied
The order in which different types of actions in a service policy are performed is independent of the order
in which the actions appear in ASDM.
Note NetFlow Secure Event Logging filtering is order-independent.
Actions are performed in the following order:
1. QoS input policing
2. TCP normalization, TCP and UDP connection limits and timeouts, and TCP sequence number
randomization
Note When a the security appliance performs a proxy service (such as AAA or CSC) or it modifies
the TCP payload (such as FTP inspection), the TCP normalizer acts in dual mode, where it is
applied before and after the proxy or payload modifying service.
3. CSC
4. Application inspection (multiple types)
The order of application inspections applied when a class of traffic is classified for multiple
inspections is as follows. Only one inspection type can be applied to the same traffic. WAAS
inspection is an exception, because it can applied along with other inspections for the same traffic.
See the “Incompatibility of Certain Feature Actions” section on page 22-5 for more information.
a. CTIQBE
b. DNS
c. FTP
d. GTP
e. H323
f. HTTP
g. ICMP
h. ICMP error
i. ILS
j. MGCP
k. NetBIOS
l. PPTP
m. Sun RPC
n. RSH
o. RTSP