EasyManuals Logo

Cisco 5510 - ASA SSL / IPsec VPN Edition Configuration Guide

Cisco 5510 - ASA SSL / IPsec VPN Edition
1822 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #799 background imageLoading...
Page #799 background image
37-15
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 37 Configuring Inspection of Basic Internet Protocols
FTP Inspection
Select FTP Map
The Select FTP Map dialog box is accessible as follows:
Add/Edit Service Policy Rule Wizard > Rule Actions > Protocol Inspection Tab >
Select FTP Map
The Select FTP Map dialog box lets you enable strict FTP application inspection, select an FTP map, or
create a new FTP map. An FTP map lets you change the configuration values used for FTP application
inspection.The Select FTP Map table provides a list of previously configured maps that you can select
for application inspection.
Fields
• FTP Strict (prevent web browsers from sending embedded commands in FTP requests)—Enables
strict FTP application inspection, which causes the adaptive security appliance to drop the
connection when an embedded command is included in an FTP request.
• Use the default FTP inspection map—Specifies to use the default FTP map.
• Select an FTP map for fine control over inspection—Lets you select a defined application inspection
map or add a new one.
• Add—Opens the Add Policy Map dialog box for the inspection.
Modes
The following table shows the modes in which this feature is available:
FTP Class Map
The FTP Class Map dialog box is accessible as follows:Configuration > Global Objects > Class Maps
> FTP
The FTP Class Map pane lets you configure FTP class maps for FTP inspection.
An inspection class map matches application traffic with criteria specific to the application. You then
identify the class map in the inspect map and enable actions. The difference between creating a class
map and defining the traffic match directly in the inspect map is that you can create more complex match
criteria and you can reuse class maps. The applications that support inspection class maps are DNS, FTP,
H.323, HTTP, IM, and SIP.
Fields
• Name—Shows the FTP class map name.
• Match Conditions—Shows the type, match criterion, and value in the class map.
–
Match Type—Shows the match type, which can be a positive or negative match.
–
Criterion—Shows the criterion of the FTP class map.
–
Value—Shows the value to match in the FTP class map.
Firewall Mode Security Context
Routed Transparent Single
Multiple
Context System
••••—

Table of Contents

Other manuals for Cisco 5510 - ASA SSL / IPsec VPN Edition

Preview: Cli Configuration Guide
Cli Configuration Guide2164 pages
Preview: Hardware Installation Guide
Hardware Installation Guide82 pages
Preview: Getting Started Guide
Getting Started Guide208 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco 5510 - ASA SSL / IPsec VPN Edition and is the answer not in the manual?

Cisco 5510 - ASA SSL / IPsec VPN Edition Specifications

General IconGeneral
BrandCisco
Model5510 - ASA SSL / IPsec VPN Edition
CategoryFirewall
LanguageEnglish

Related product manuals