CHAPTER
40-1
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
40
Configuring Inspection for Management
Application Protocols
This chapter describes how to configure application layer protocol inspection. Inspection engines are
required for services that embed IP addressing information in the user data packet or that open secondary
channels on dynamically assigned ports. These protocols require the adaptive security appliance to do a
deep packet inspection instead of passing the packet through the fast path. As a result, inspection engines
can affect overall throughput.
Several common inspection engines are enabled on the adaptive security appliance by default, but you
might need to enable others depending on your network. This chapter includes the following sections:
• DCERPC Inspection, page 40-1
• GTP Inspection, page 40-5
• RADIUS Accounting Inspection, page 40-12
• RSH Inspection, page 40-16
• SNMP Inspection, page 40-16
• XDMCP Inspection, page 40-18
DCERPC Inspection
This section describes the DCERPC inspection engine. This section includes the following topics:
• DCERPC Overview, page 40-1
• “Select DCERPC Map” section on page 40-2
• “DCERPC Inspect Map” section on page 40-2
• “Add/Edit DCERPC Policy Map” section on page 40-4
DCERPC Overview
DCERPC is a protocol widely used by Microsoft distributed client and server applications that allows
software clients to execute programs on a server remotely.
To Next Page
Loading...
Need help?
General
