Cisco Systems OL-16647-01 Network Router User Manual


Cisco ASDM User Guide
OL-16647-01
Chapter 24 Configuring Application Layer Protocol Inspection
Inspect Map Field Descriptions
Manage—Opens the Manage H323 Class Maps dialog box to add, edit, or delete H.323 Class
Maps.
Action—Drop packet, drop connection, or reset.
Modes
The following table shows the modes in which this feature is available:
HTTP Inspect Map
The HTTP pane lets you view previously configured HTTP application inspection maps. An HTTP map
lets you change the default configuration values used for HTTP application inspection.
HTTP application inspection scans HTTP headers and body, and performs various checks on the data.
These checks prevent various HTTP constructs, content types, and tunneling and messaging protocols
from traversing the security appliance.
HTTP application inspection can block tunneled applications and non-ASCII characters in HTTP
requests and responses, preventing malicious content from reaching the web server. Size limiting of
various elements in HTTP request and response headers, URL blocking, and HTTP server header type
spoofing are also supported.
Fields
HTTP Inspect Maps—Table that lists the defined HTTP inspect maps.
Add—Configures a new HTTP inspect map. To edit an HTTP inspect map, select the HTTP entry
in the HTTP Inspect Maps table and click Customize.
Delete—Deletes the inspect map selected in the HTTP Inspect Maps table.
Security Level—Select the security level (low, medium, or high).
  Low—Default.
    Protocol violation action: Drop connection
    Drop connections for unsafe methods: Disabled
    Drop connections for requests with non-ASCII headers: Disabled
    URI filtering: Not configured
    Advanced inspections: Not configured
  Medium
    Protocol violation action: Drop connection
    Drop connections for unsafe methods: Allow only GET, HEAD, and POST
    Drop connections for requests with non-ASCII headers: Disabled
    URI filtering: Not configured
    Advanced inspections: Not configured
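Added example, not part of the Cisco guide: the only difference between the Low and Medium presets listed above is the method restriction, so before raising a map to Medium you can tally which requests in a web server access log use a method other than GET, HEAD, or POST. The Common Log Format input, the name medium_impact, and the sample lines are assumptions constructed for this illustration.

```python
import re
from collections import Counter

# From the settings above: Medium allows only GET, HEAD, and POST.
# Low does not restrict methods, so everything tallied here passes at Low.
MEDIUM_ALLOWED = {"GET", "HEAD", "POST"}

# Request field of a Common Log Format line: "METHOD target HTTP/x.y"
# (the log format is an assumption; adjust the pattern to your server).
REQUEST_RE = re.compile(r'"(?P<method>[^\s"]+) (?P<target>\S+) HTTP/\d(?:\.\d)?"')


def medium_impact(log_lines):
    """Tally requests whose connection the Medium preset would drop."""
    dropped = Counter()
    unparsed = 0
    total = 0
    for line in log_lines:
        total += 1
        match = REQUEST_RE.search(line)
        if match is None:
            unparsed += 1  # no usable request line; review these by hand
            continue
        method = match.group("method")  # HTTP methods are case-sensitive
        if method not in MEDIUM_ALLOWED:
            dropped[(method, match.group("target"))] += 1
    return {"total": total, "unparsed": unparsed, "dropped": dropped}


# Constructed sample lines (documentation addresses, not real traffic).
SAMPLE = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /index.html HTTP/1.1" 200 512',
    '192.0.2.11 - - [01/Jan/2024:10:00:02 +0000] "PUT /api/items/7 HTTP/1.1" 204 0',
    '192.0.2.11 - - [01/Jan/2024:10:00:05 +0000] "PUT /api/items/7 HTTP/1.1" 204 0',
    '192.0.2.12 - - [01/Jan/2024:10:00:07 +0000] "OPTIONS /api/items HTTP/1.1" 204 0',
    '192.0.2.13 - - [01/Jan/2024:10:00:09 +0000] "POST /login HTTP/1.1" 302 0',
    '192.0.2.14 - - [01/Jan/2024:10:00:11 +0000] "-" 408 0',
]

if __name__ == "__main__":
    report = medium_impact(SAMPLE)
    print(f"{report['total']} lines, {report['unparsed']} unparsed")
    for (method, target), count in report["dropped"].most_common():
        print(f"would drop: {method} {target} x{count}")
```

Any method that shows up in the tally for legitimate traffic (for example a REST API using PUT) is a reason to keep that service on Low or to customize the map rather than apply Medium as-is.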
Firewall Mode: Routed, Transparent
Security Context: Single, Multiple (Context, System)
• • • •