Support User Manuals

Cisco Systems CL-28826-01 Security Camera User Manual

Open as PDF

of 2616

17-37

User Guide for Cisco Security Manager 4.4

OL-28826-01

Chapter 17 Managing Firewall Inspection Rules

Configuring Protocols and Maps for Inspection

Configuring FTP Maps

Use the Add and Edit FTP Map dialog boxes to define the match criterion and values for an FTP inspect

map. You can use an FTP map to block specific FTP protocol methods, such as an FTP PUT, from

passing through the security appliance and reaching your FTP server.

Navigation Path

Select Manage > Policy Objects, then select Maps > Policy Maps > Inspect > FTP from the Object

Type selector. Right-click inside the table, then select New Object or right-click a row, then select Edit

Object.

Related Topics

• Understanding Map Objects, page 6-72

• Configuring Protocols and Maps for Inspection, page 17-21

• Configuring Class Maps for Inspection Policies, page 17-26

Field Reference

Value The regular expression you want to evaluate. You can select one of the

following:

• Regular Expression—The regular expression object that defines

the regular expression you want to use for pattern matching. Enter

the name of the object. You can click Select to choose the object

from a list of existing ones or to create a new regular expression

object.

• Regular Expression Group—The regular expression group object

that defines the regular expression you want to use for pattern

matching. Enter the name of the object. You can click Select to

choose the object from a list of existing ones or to create a new

regular expression group object.

MIME Encoding The type of MIME encoding schemes you want to inspect.

Table 17-18 ESMTP Policy Maps Add and Edit Match Condition and Action Dialog Boxes

Element Description

Table 17-19 Add and Edit FTP Map Dialog Boxes

Element Description

Name The name of the policy object. A maximum of 40 characters is allowed.

Description A description of the policy object. A maximum of 200 characters is

allowed.

Parameters tab

Mask Greeting Banner from

Server

Whether to mask the greeting banner from the FTP server to prevent the

client from discovering server information.

Mask Reply to SYST

Command

Whether to mask the reply to the syst command to prevent the client

from discovering server information.

previous next