Chapter10 Application Security
HTTP
10-10
Cisco Router and Security Device Manager 2.5 User’s Guide
OL-4015-12

Set maximum header length checkbox

Check if you want the router to permit or deny traffic based on HTTP he ader
length, and specify the maximum Request and maximum Response header length.
Use the Permit, Block, and Alarm controls to specify the action the router takes
if header length exceeds these lengths.

Configure Extension Request Method checkboxes

If you want the router to permit or deny HTTP traffic based on an exten sion
request method, check the box next to that request method . Use the Permit,
Block, and Alarm controls to specify the action the router takes if it encounters
traffic using that request method.

Configure RFC Request Method checkboxes

If you want the router to permit or deny HTTP traffic based on one of the HTTP
request methods specified in RFC 2616, Hypertext Transfer Protocol—HTTP/1.1,
check the box next to that request method. Use the Permit, Block, and Alar m
controls to specify the action the router takes if it encounters traffic using that
request method.
Content Options
You can have the router examine the content of HTTP traffic and permit or block
traffic, and generate alarms based on what things that you make the router check.
To learn about the buttons and drawers available in the Application Security tab,
click Application Security Windows.
Click Permit, Block, and Alarm Controls to learn how to specify the action that
the router takes if it encounters traffic with the characteristics that you specify in
this window.

Verify Content Type checkbox

Check if you want the router to verify the content of HTTP packets by m atching
the response with the request, by enabling an alarm for unknown content types, or
by using both of these methods. Use the permit, block, and al arm controls to
specify the action the router takes if requests cannot be matched with responses,
and when it encounters an unknown content type.