Filter
Top Products
24-8
Cisco ASDM User Guide
OL-16647-01
Chapter 24 Configuring Application Layer Protocol Inspection
ESMTP Inspection
Figure 24-1 Translating the Address in a DNS Reply (DNS Rewrite)
DNS rewrite also works if the client making the DNS request is on a DMZ network and the DNS server
is on an inside interface.
ESMTP Inspection
ESMTP inspection detects attacks, including spam, phising, malformed message attacks, buffer
overflow/underflow attacks. It also provides support for application security and protocol conformance,
which enforce the sanity of the ESMTP messages as well as detect several attacks, block
senders/receivers, and block mail relay.
FTP Inspection
This section describes the FTP inspection engine. This section includes the following topics:
• FTP Inspection Overview, page 24-8
• Using Strict FTP, page 24-9
• Verifying and Monitoring FTP Inspection, page 24-10
FTP Inspection Overview
The FTP application inspection inspects the FTP sessions and performs four tasks:
• Prepares dynamic secondary data connection
• Tracks the FTP command-response sequence
• Generates an audit trail
• Translates the embedded IP address
FTP application inspection prepares secondary channels for FTP data transfer. Ports for these channels
are negotiated through PORT or PASV commands. The channels are allocated in response to a file
upload, a file download, or a directory listing event.
132406
Web server
server.example.com
192.168.100.1
Web client
http://server.example.com
192.168.100.2
ISP Internet
DNS server
server.example.com IN A 209.165.200.5
Security appliance
192.168.100.1IN A 209.165.200.5