4-3
Cisco 4700 Series Application Control Engine Appliance Administration Guide
OL-11157-01
Chapter 4 Configuring Class Maps and Policy Maps
Class Map and Policy Map Overview
3. Activating the policy map and attaching it to a specific VLAN interface or
globally to all VLAN interfaces associated with a context by using the
service-policy command that are to filter traffic received by the ACE.
Traffic policies support the following feature-specific actions performed by the
AC
E:
• Remote access using the following management protocols: HTTP, HTTPS,
Internet Control Message Protocol (ICMP), Simple Network Management
Protocol (SNMP), Secure Shell (SSH), or Telnet
• Server load balancing based on Layer 3 and Layer 4 connection information
(virtual IP address)
• Application acceleration and optimization
• Server load balancing based on Layer 7 HTTP-related information (such as
HTTP headers, cookies, and URLs), or client source IP address
• SSL security services between a web browser (the client) and the HTTP
connection (the server)
• HTTP deep packet inspection
• FTP command request inspection
• Application protocol inspection (also known as protocol fixup)
• NAT
• TCP/IP termination and normalization
• Exchange XML documents over HTTP or secure HTTP (HTTPS)
This section contains the following overview topics:
• Class Maps
• Policy Maps
• Service Policies
The flow chart shown in Fi
gure 4-1 shows a basic overview of the process
required to configure class maps and policy maps (application protocol
i
nspection). The figure also illustrates how the ACE associates the various
components of the class map and policy map configuration with each other.
To Next Page
Loading...
