17-51
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 17 Managing Firewall Inspection Rules
Configuring Protocols and Maps for Inspection
HTTP Map General Tab
Use the General tab to define the action taken when non-compliant HTTP requests are received and to
enable verification of content type.
Navigation Path
Click the General tab on the Add and Edit HTTP Map dialog boxes for ASA 7.1.x/PIX 7.1.x/FWSM
3.x/IOS Devices. See Configuring HTTP Maps for ASA 7.1.x, PIX 7.1.x, FWSM 3.x and IOS Devices,
page 17-50.
Related Topics
• Understanding Map Objects, page 6-72
• Configuring Protocols and Maps for Inspection, page 17-21
Field Reference
Category The category assigned to the object. Categories help you organize and
identify rules and objects. See Using Category Objects, page 6-12.
Allow Value Override per
Device
Overrides
Edit button
Whether to allow the object definition to be changed at the device level.
For more information, see Allowing a Policy Object to Be Overridden,
page 6-18 and Understanding Policy Object Overrides for Individual
Devices, page 6-17.
If you allow device overrides, you can click the Edit button to create,
edit, and view the overrides. The Overrides field indicates the number
of devices that have overrides for this object.
Table 17-28 Add and Edit HTTP Map Dialog Boxes for ASA 7.1.x/PIX 7.1.x/FWSM 3.x/IOS Devices
Element Description
Table 17-29 HTTP Map General Tab
Element Description
Take action for non-RFC
2616 compliant traffic
Whether you want to configure the action to be taken for traffic that
does not comply with RFC 2616. Possible actions are:
• Allow Packet—Allow the message.
• Drop Packet—Close the connection.
• Reset Connection (default)—Send a TCP reset message to client
and server.
You can also select Generate Syslog to write a message to the syslog
if non-compliant traffic is encountered.