Filter
Top Products
17-47
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 17 Managing Firewall Inspection Rules
Configuring Protocols and Maps for Inspection
Add or Edit HSI Group Dialog Boxes
Use the Add or Edit HSI group dialog boxes to add HSI groups to an H.323 policy inspection map.
Navigation Path
From the Parameters tab on the Add and Edit H.323 Map dialog boxes, click the Add Row button in the
HSI group table, or select a row and click the Edit Row button. See Configuring H.323 Maps,
page 17-45.
Field Reference
Match Condition and Action Tab
The Match All table lists the criteria included in the policy map. Each row indicates whether the
inspection is looking for traffic that matches or does not match each criterion, the criterion and value
that is inspected, and the action to be taken for traffic that satisfies the conditions.
• To add a criterion, click the Add button and fill in the Match Condition and Action dialog box (see
H.323 Class and Policy Maps Add or Edit Match Condition (and Action) Dialog Boxes,
page 17-48).
• To edit a criterion, select it and click the Edit button.
• To delete a criterion, select it and click the Delete button.
Category The category assigned to the object. Categories help you organize and
identify rules and objects. See Using Category Objects, page 6-12.
Allow Value Override per
Device
Overrides
Edit button
Whether to allow the object definition to be changed at the device level.
For more information, see Allowing a Policy Object to Be Overridden,
page 6-18 and Understanding Policy Object Overrides for Individual
Devices, page 6-17.
If you allow device overrides, you can click the Edit button to create,
edit, and view the overrides. The Overrides field indicates the number
of devices that have overrides for this object.
Table 17-24 Add and Edit H.323 Map Dialog Boxes (Continued)
Element Description
Table 17-25 Add and Edit HSI Group Dialog Boxes
Element Description
Group ID The HSI group ID number (0 to 2147483647).
IP Address The IP address of the HSI host.
Endpoint table The end points associated with HSI group. You can add up to 10 end
points per group. For each end point, you specify the IP address and
interface policy group.
• To add an end point, click the Add button and fill in the dialog box
(see Add or Edit HSI Endpoint IP Address Dialog Boxes,
page 17-48).
• To edit an end point, select it and click the Edit button.
• To delete an end point, select it and click the Delete button.