Support User Manuals

Cisco Systems OL-16647-01 Network Router User Manual

Open as PDF

of 1230

24-98

Cisco ASDM User Guide

OL-16647-01

Chapter 24 Configuring Application Layer Protocol Inspection

Inspect Map Field Descriptions

Modes

The following table shows the modes in which this feature is available:

Add/Edit HTTP Policy Map (Details)

The Add/Edit HTTP Policy Map pane lets you configure the security level and additional settings for

HTTP application inspection maps.

Fields

• Name—When adding an HTTP map, enter the name of the HTTP map. When editing an HTTP map,

the name of the previously configured HTTP map is shown.

• Description—Enter the description of the HTTP map, up to 200 characters in length.

• Security Level—Shows the security level and URI filtering settings to configure.

• Parameters—Tab that lets you configure the parameters for the HTTP inspect map.

–

Check for protocol violations—Checks for HTTP protocol violations.

Action—Drop Connection, Reset, Log.

Log—Enable or disable.

–

Spoof server string—Replaces the server HTTP header value with the specified string.

Spoof String—Enter a string to substitute for the server header field. Maximum is 82 characters.

–

Body Match Maximum—The maximum number of characters in the body of an HTTP message

that should be searched in a body match. Default is 200 bytes. A large number will have a

significant impact on performance.

• Inspections—Tab that shows you the HTTP inspection configuration and lets you add or edit.

–

Match Type—Shows the match type, which can be a positive or negative match.

–

Criterion—Shows the criterion of the HTTP inspection.

–

Value—Shows the value to match in the HTTP inspection.

–

Action—Shows the action if the match condition is met.

–

Log—Shows the log state.

–

Add—Opens the Add HTTP Inspect dialog box to add an HTTP inspection.

–

Edit—Opens the Edit HTTP Inspect dialog box to edit an HTTP inspection.

–

Delete—Deletes an HTTP inspection.

–

Move Up—Moves an inspection up in the list.

–

Move Down—Moves an inspection down in the list.

Modes

The following table shows the modes in which this feature is available:

Firewall Mode Security Context

Routed Transparent Single

Multiple

Context System

• • • •—

previous next