Chapter10 Application Security
HTTP
10-8
Cisco Router and Security Device Manager 2.5 User’s Guide
OL-4015-12
HTTP
Specify general settings for HTTP traffic inspection in this window. To learn
about the buttons and drawers available in the Application Security tab, click
Application Security Windows.
Click Permit, Block, and Alarm Controls to learn how to specify the action that
the router takes when it encounters traffic with the characteristics that you specify
in this window.
For more detailed information about how the router can inspect HTTP traffic, see
HTTP Inspection Engine at the following link:
http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_ch
apter09186a0080455acb.html

Detect noncompliant HTTP traffic Checkbox

Check if you want Cisco SDM to examine HTTP traffic for packets that do not
comply with the HTTP protocol. Use the Permit, B lock, and Alarm controls to
specify the action that the router takes when this type of traffic is encountered.
Note Blocking noncompliant HTTP traffic can cause the router to drop traffic from
popular websites that might not be blocked on the basis of conten t, if those
websites do not conform to the HTTP protocol.

Detect tunneling applications Checkbox

Check if you want Cisco SDM to examine HTTP traffic for packets that are
generated by tunneling applications. Use the Permit, Block, and Alarm controls
to specify the action that you want Cisco SDM to take when it encounters this type
of traffic.

Set maximum URI length inspection Checkbox

Check if you want to define a maximum length for Universal Resource Indicators
(URIs). Specify the maximum length in bytes, and then use the Permit, Block, and
Alarm controls to specify the action that the router takes if it encounters an URL
that is longer than this value.