37-31
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 37 Configuring Inspection of Basic Internet Protocols
HTTP Inspection
• Security Level—Select the security level (low, medium, or high).
–
Low—Default.
Protocol violation action: Drop connection
Drop connections for unsafe methods: Disabled
Drop connections for requests with non-ASCII headers: Disabled
URI filtering: Not configured
Advanced inspections: Not configured
–
Medium
Protocol violation action: Drop connection
Drop connections for unsafe methods: Allow only GET, HEAD, and POST
Drop connections for requests with non-ASCII headers: Disabled
URI filtering: Not configured
Advanced inspections: Not configured
–
High
Protocol violation action: Drop connection and log
Drop connections for unsafe methods: Allow only GET and HEAD.
Drop connections for requests with non-ASCII headers: Enabled
URI filtering: Not configured
Advanced inspections: Not configured
–
URI Filtering—Opens the URI Filtering dialog box to configure URI filters.
–
Customize—Opens the Edit HTTP Policy Map dialog box for additional settings.
–
Default Level—Sets the security level back to the default level of Medium.
Modes
The following table shows the modes in which this feature is available:
URI Filtering
The URI Filtering dialog box is accessible as follows:
Configuration > Global Objects > Inspect Maps > HTTP > URI Filtering
The URI Filtering dialog box lets you configure the settings for an URI filter.
Fields
• Match Type—Shows the match type, which can be a positive or negative match.
Firewall Mode Security Context
Routed Transparent Single
Multiple
Context System
••••—
To Next Page
Loading...
Need help?
General
