Filter
Top Products
17-25
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 17 Managing Firewall Inspection Rules
Configuring Protocols and Maps for Inspection
Related Topics
• Selecting Which Protocols To Inspect, page 17-3
• Understanding Inspection Rules, page 17-1
• Using Inspection To Prevent Denial of Service (DoS) Attacks on IOS Devices, page 17-4
• Configuring Inspection Rules, page 17-5
• Creating Policy Objects, page 6-9
• Understanding Map Objects, page 6-72
ESMTP ASA, PIX
7.x+, FWSM
3.x+, IOS
ESMTP (none) Inspect ESMTP traffic. For IOS,
you can configure only maximum
data length. For ASA, PIX,
FWSM, you can inspect traffic
based on a wide variety of criteria.
See Configuring ESMTP Maps,
page 17-34.
Fragment IOS (none) (none) Inspect traffic based on a
maximum allowed number of
unassembled packet fragments.
See Configure Fragments Dialog
Box, page 17-19.
IMAP (Internet
Message Access
Protocol)
POP3 (Post Office
Protocol 3)
IOS (none) (none) Inspect traffic based on invalid
commands or clear text logins. See
Configure IMAP or POP3 Dialog
Boxes, page 17-19.
RPC (Sun Remote
Procedure Call)
FWSM 2.x,
IOS
(none) (none) Inspect traffic based on the RPC
protocol number. See Configure
RPC Dialog Box, page 17-20.
IM ASA, PIX
7.x+, IOS
IM (ASA
7.2+, PIX
7.2+)
IM (IOS)
IM (only for
ASA, PIX)
Inspect traffic based on a wide
variety of criteria. The allowed
maps differ based on operating
system version.
For ASA, PIX, see Configuring
IM Maps for ASA 7.2+, PIX 7.2+
Devices, page 17-64 and IM Class
and Policy Map (ASA 7.2+/PIX
7.2+) Add or Edit Match
Condition (and Action) Dialog
Boxes, page 17-65.
For IOS, see Configuring IM
Maps for IOS Devices,
page 17-67.
Table 17-10 Configuring Protocols for Deep Inspection in Inspection Rules (Continued)
Protocol Device Types Policy Map
Class Map
(ASA, PIX,
FWSM only)
Description and Match Criteria
Reference