Filter
Top Products
17-23
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 17 Managing Firewall Inspection Rules
Configuring Protocols and Maps for Inspection
HTTP ASA, PIX,
FWSM, IOS
HTTP (ASA
7.1.x, PIX
7.1.x, FWSM
3.x, IOS)
HTTP (ASA
7.2+, PIX
7.2+)
HTTP (ASA,
PIX, FWSM)
Inspect traffic based on a wide
variety of criteria including the
content of the header or body, port
misuse, and whether the traffic
includes a Java applet. The maps
used differ based on the operating
system and version.
For ASA/PIX 7.2+, see
Configuring HTTP Maps for ASA
7.2+ and PIX 7.2+ Devices,
page 17-58 and HTTP Class and
Policy Map (ASA 7.2+/PIX 7.2+)
Add or Edit Match Condition (and
Action) Dialog Boxes,
page 17-59.
For ASA/PIX 7.1.x, FWSM 3.x+,
and IOS, see Configuring HTTP
Maps for ASA 7.1.x, PIX 7.1.x,
FWSM 3.x and IOS Devices,
page 17-50.
SIP ASA, PIX,
FWSM
SIP (ASA,
PIX, FWSM)
SIP (ASA,
PIX, FWSM)
Inspect traffic based on a wide
variety of criteria. See
Configuring SIP Maps,
page 17-77 and SIP Class and
Policy Maps Add or Edit Match
Condition (and Action) Dialog
Boxes, page 17-79.
Skinny ASA, PIX,
FWSM, IOS
Skinny (none) Inspect traffic based on a wide
variety of criteria. See
Configuring Skinny Maps,
page 17-81 and Skinny Policy
Maps Add or Edit Match
Condition and Action Dialog
Boxes, page 17-83.
SMTP ASA, PIX
7.x+, FWSM
3.x+, IOS
(none) (none) Inspect Simple Mail Transfer
Protocol (SMTP) traffic and drop
any that use illegal commands.
You can configure a maximum
data length for packets. See
Configure SMTP Dialog Box,
page 17-18.
SNMP ASA, PIX,
FWSM 3.x+,
IOS
SNMP (none) Inspect SNMP traffic based on
SNMP version. See Configuring
SNMP Maps, page 17-84.
Table 17-10 Configuring Protocols for Deep Inspection in Inspection Rules (Continued)
Protocol Device Types Policy Map
Class Map
(ASA, PIX,
FWSM only)
Description and Match Criteria
Reference