Filter
Top Products
21-66
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 21 Managing Zone-based Firewall Rules
Zone-based Firewall Rules Page
Table 21-26 Configure Protocol Dialog Box
Element Description
Protocol Name The name of the selected protocol. If you are creating a custom
protocol, you can enter a name of up to 19 characters. Custom protocol
names must begin with user-.
Enable Signature This option is available only when editing the peer-to-peer (eDonkey,
FastTrack, Gnutella, Kazaa2) protocols.
Enabling this option means Network-based Application Recognition
(NBAR) heuristics will be applied to the traffic to detect “telltales” that
signify specific P2P application activity. These telltales includes
port-hopping and other changes in application behavior to avoid traffic
detection.
Note This level of traffic inspection comes at the price of increased
CPU utilization and reduced network throughput capability.
Deep Inspection This option is available only when editing the H.323, HTTP, IM (AOL,
ICQ, MSN Messenger, Windows Messenger, and Yahoo Messenger),
IMAP, P2P (eDonkey, FastTrack, Gnutella, Kazaa2), POP3, SIP, SMTP,
Sun RPC protocols, and Inspect is the chosen Action for the
zone-based firewall rule.
Enter or Select the name of the Inspect policy map to be used with the
selected protocol. See Configuring Inspection Maps for Zone-based
Firewall Policies, page 21-15 for more information about these policy
maps.
Protocol Info This option is available only when editing the Instant Messaging (AOL,
ICQ, MSN Messenger, Windows Messenger, and Yahoo Messenger)
and Stun-ice protocols.
Enter or Select the name of the Protocol Info parameter map to be used
with the selected protocol. These parameter maps define the DNS
servers that interact with these applications, which helps the Instant
Messaging (IM) application engine recognize the IM traffic and enforce
the configured policy for that IM application.
See Configuring Protocol Info Parameter Maps, page 21-32 for more
information about these parameter maps.
Port Application Mapping
These options let you customize the Port Application Mapping (PAM)
parameters for the selected protocol.
Protocol Select the transport protocol(s) for this mapping:
• TCP/UDP
• TCP
• UDP
Ports Enter any combination of a single port number, multiple port numbers,
or a range of ports (for example, 60000-60005). Separate multiple
entries with commas. Do not specify a range that overlaps already
mapped ports.