12-26
Cisco ASA Series Firewall ASDM Configuration Guide
Chapter12 Configuring Inspection for Voice and Video Protocols
SIP Inspection
Message Path Criterion Values—Specifies to match a SIP Via header. Applies the regular expression
match.
Regular Expression—Lists the defined regular expressions to match.
Manage—Opens the Manage Regular Expressions dialog box, which lets you configure regular
expressions.
Regular Expression Class—Lists the defined regular expression classes to match.
Manage—Opens the Manage Regular Expression Class dialog box, which lets you configure
regular expression class maps.
Request Method Criterion Values—Specifies to match a SIP request method.
Request Method—Specifies a request method: ack, bye, cancel, info, invite, message, notify,
options, prack, refer, register, subscribe, unknown, update.
Third-Party Registration Criterion Values—Specifies to match the requester of a third-party
registration. Applies the regular expression match.
Regular Expression—Lists the defined regular expressions to match.
Manage—Opens the Manage Regular Expressions dialog box, which lets you configure regular
expressions.
Regular Expression Class—Lists the defined regular expression classes to match.
Manage—Opens the Manage Regular Expression Class dialog box, which lets you configure
regular expression class maps.
URI Length Criterion Values—Specifies to match a URI of a selected type and greater than the
specified length in the SIP headers.
URI type—Specifies to match either SIP URI or TEL URI.
Greater Than Length—Length in bytes.
SIP Inspect Map
Configuration> Global Objects > Inspect Maps > SIP
The SIP pane lets you view previously configured SIP application inspection maps. A SIP map lets you
change the default configuration values used for SIP application inspection.
SIP is a widely used protocol for Internet conferencing, telephony, presence, events notification, and
instant messaging. Partially because of its text-based nature and partially because of its flexibility, SIP
networks are subject to a large number of security threats.
SIP application inspection provides address translation in message header and body, dynamic opening
of ports and basic sanity checks. It also supports application security and protocol conformance, which
enforce the sanity of the SIP messages, as well as detect SIP-based attacks.
Fields
SIP Inspect Maps—Table that lists the defined SIP inspect maps.
Add—Configures a new SIP inspect map. To edit a SIP inspect map, choose the SIP entry in the SIP
Inspect Maps table and click Customize.
Delete—Deletes the inspect map selected in the SIP Inspect Maps table.
Security Level—Select the security level (high or low).
Low—Default.