Cisco Systems OL-16647-01 Network Router User Manual


24-120
Cisco ASDM User Guide
OL-16647-01
Chapter 24 Configuring Application Layer Protocol Inspection
Inspect Map Field Descriptions
SIP Inspect Map
The SIP pane lets you view previously configured SIP application inspection maps. A SIP map lets you
change the default configuration values used for SIP application inspection.
SIP is a widely used protocol for Internet conferencing, telephony, presence, events notification, and
instant messaging. Partially because of its text-based nature and partially because of its flexibility, SIP
networks are subject to a large number of security threats.
SIP application inspection provides address translation in message header and body, dynamic opening
of ports and basic sanity checks. It also supports application security and protocol conformance, which
enforce the sanity of the SIP messages, as well as detect SIP-based attacks.
Fields
• SIP Inspect Maps—Table that lists the defined SIP inspect maps.
• Add—Configures a new SIP inspect map. To edit a SIP inspect map, select the SIP entry in the SIP Inspect Maps table and click Customize.
• Delete—Deletes the inspect map selected in the SIP Inspect Maps table.
• Security Level—Select the security level (high or low).
  - Low—Default.
      SIP instant messaging (IM) extensions: Enabled.
      Non-SIP traffic on SIP port: Permitted.
      Hide server’s and endpoint’s IP addresses: Disabled.
      Mask software version and non-SIP URIs: Disabled.
      Ensure that the number of hops to destination is greater than 0: Enabled.
      RTP conformance: Not enforced.
      SIP conformance: Do not perform state checking and header validation.
  - Medium
      SIP instant messaging (IM) extensions: Enabled.
      Non-SIP traffic on SIP port: Permitted.
      Hide server’s and endpoint’s IP addresses: Disabled.
      Mask software version and non-SIP URIs: Disabled.
      Ensure that the number of hops to destination is greater than 0: Enabled.
      RTP conformance: Enforced.
      Limit payload to audio or video, based on the signaling exchange: No.
      SIP conformance: Drop packets that fail state checking.
Firewall Mode: Routed, Transparent
Security Context: Single, Multiple (Context, System)
• • • •
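
To make three of the settings listed above concrete (non-SIP traffic on the SIP port, the hop-count check, and software version masking), here is an added Python sketch; it is not Cisco code and not from this guide. The policy key names, the sample messages, and the assumptions that the hop count is the RFC 3261 Max-Forwards header and that the software version appears in the User-Agent and Server headers are ours.

```python
import re

# Constructed policy mirroring the Low level listed above; key names are hypothetical.
LOW = {"permit_non_sip": True, "check_max_forwards": True, "mask_version": False}

# A SIP request line ("METHOD uri SIP/2.0") or status line ("SIP/2.0 200 OK").
START_LINE = re.compile(rb"^(?:[A-Z]+ \S+ SIP/2\.0|SIP/2\.0 \d{3}(?: .*)?)$")
VERSION_HEADERS = (b"user-agent", b"server")  # assumed to carry the software version

# Constructed sample messages (not captured traffic).
INVITE = (b"INVITE sip:bob@example.test SIP/2.0\r\n"
          b"Max-Forwards: 70\r\n"
          b"User-Agent: ExamplePhone 1.2.3\r\n"
          b"Content-Length: 0\r\n\r\n")
EXPIRED = INVITE.replace(b"Max-Forwards: 70", b"Max-Forwards: 0")


def inspect_sip(raw: bytes, policy: dict):
    """Return (verdict, message) for one message seen on the SIP port."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    if not START_LINE.match(lines[0]):
        # Not a SIP start line: the "Non-SIP traffic on SIP port" setting decides.
        return ("permit" if policy["permit_non_sip"] else "drop"), raw
    out = [lines[0]]
    for line in lines[1:]:
        name, _, value = line.partition(b":")
        key = name.strip().lower()
        if key == b"max-forwards" and policy["check_max_forwards"]:
            # "Number of hops to destination is greater than 0".
            hops = value.strip()
            if not hops.isdigit() or int(hops) <= 0:
                return "drop", raw
        if key in VERSION_HEADERS and policy["mask_version"]:
            # Keep the header but hide the product and version string.
            line = name + b": " + b"x" * len(value.strip())
        out.append(line)
    return "permit", b"\r\n".join(out) + sep + body


if __name__ == "__main__":
    stricter = dict(LOW, permit_non_sip=False, mask_version=True)
    for msg in (INVITE, EXPIRED, b"GET / HTTP/1.1\r\n\r\n"):
        print(inspect_sip(msg, LOW)[0], inspect_sip(msg, stricter)[0])
```

State checking, header validation, and RTP conformance need per-dialog state and are left out of this sketch.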