Filter
Top Products
24-61
Cisco ASDM User Guide
OL-16647-01
Chapter 24 Configuring Application Layer Protocol Inspection
Inspect Map Field Descriptions
Use the Service Policy Rules tab on the Security Policy pane to apply the inspect map to traffic matching
the criteria specified in the service policy. A service policy can apply to a specific interface or to all the
interfaces on the security appliance.
DCERPC The DCERPC inspection lets you create, view, and manage DCERPC
inspect maps. You can use a DCERPC map to inspect DCERPC messages
between a client and endpoint mapper, and to apply NAT for the secondary
connection, if needed. DCERPC is a specification for a remote procedure
call mechanism.
DNS The DNS inspection lets you create, view, and manage DNS inspect maps.
You can use a DNS map to have more control over DNS messages and to
protect against DNS spoofing and cache poisoning. DNS is used to resolve
information about domain names, including IP addresses and mail servers.
ESMTP The ESMTP inspection lets you create, view, and manage ESMTP inspect
maps. You can use an ESMTP map for application security and protocol
conformance to protect against attacks, to block senders and receivers, and
to block mail relay. Extended SMTP defines protocol extensions to the
SMTP standard.
FTP The FTP inspection lets you create, view, and manage FTP inspect maps.
FTP is a common protocol used for transferring files over a TCP/IP
network, such as the Internet. You can use an FTP map to block specific FTP
protocol methods, such as an FTP PUT, from passing through the security
appliance and reaching your FTP server.
GTP The GTP inspection lets you create, view, and manage GTP inspect maps.
GTP is a relatively new protocol designed to provide security for wireless
connections to TCP/IP networks, such as the Internet. You can use a GTP
map to control timeout values, message sizes, tunnel counts, and GTP
versions traversing the security appliance.
H.323 The H.323 inspection lets you create, view, and manage H.323 inspect
maps. You can use an H.323 map to inspect RAS, H.225, and H.245 VoIP
protocols, and for state tracking and filtering.
HTTP The HTTP inspection lets you create, view, and manage HTTP inspect
maps. HTTP is the protocol used for communication between Worldwide
Web clients and servers. You can use an HTTP map to enforce RFC
compliance and HTTP payload content type. You can also block specific
HTTP methods and prevent the use of certain tunneled applications that use
HTTP as the transport.
IM The IM inspection lets you create, view, and manage IM inspect maps. You
can use an IM map to control the network usage and stop leakage of
confidential data and other network threats from IM applications.
IPSec Pass Through The IPSec Pass Through inspection lets you create, view, and manage IPSec
Pass Through inspect maps. You can use an IPSec Pass Through map to
permit certain flows without using an access list.
MGCP The MGCP inspection lets you create, view, and manage MGCP inspect
maps. You can use an MGCP map to manage connections between VoIP
devices and MGCP call agents.
NetBIOS The NetBIOS inspection lets you create, view, and manage NetBIOS
inspect maps. You can use a NetBIOS map to enforce NetBIOS protocol
conformance including field count and length consistency, and message
checks.