17-16
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 17 Managing Firewall Inspection Rules
Inspection Rules Page
Add or Edit Inspect/Application FW Rule Wizard, Inspected Protocol Page
Use the Inspect/Application FW Rule wizard’s inspected protocol page to configure the protocol
monitored by this inspection rule.
The options in this section are presented when you add or edit a firewall inspection rule, and when you
right-click the Inspected Protocol cell of an existing rule in the table on the Inspection Rules Page,
page 17-7.
Navigation Path
Do one of the following:
In the Add or Edit Inspect/Application FW Rule Wizard, page 17-10, click Next until you reach this
page.
To open the Edit Inspected Protocols dialog box, right-click the Inspected Protocol cell of an
inspection rule and choose Edit Inspected Protocol. If you select multiple rows, your changes
replace the inspected protocol defined for all selected rules.
Related Topics
Add or Edit Inspect/Application FW Rule Wizard, Step 2, page 17-12
Understanding Inspection Rules, page 17-1
Choosing the Interfaces for Inspection Rules, page 17-2
Selecting Which Protocols To Inspect, page17-3
Understanding Access Rule Requirements for Inspection Rules, page 17-4
Using Inspection To Prevent Denial of Service (DoS) Attacks on IOS Devices, page17-4
Configuring Inspection Rules, page 17-5
Destinations Provide traffic destinations for this rule; can be networks or security
groups. As with Sources, you can enter values or object names, or
Select objects, for one or more destinations of Network and Security
Group (ASA 9.0+) type.
Services The services that define the type of traffic upon which to act. You can
enter or Select any combination of service objects and service types
(which are typically a protocol and port combination).
Enter more than one value by separating the items with commas.
For complete information on how to specify services, see
Understanding and Specifying Services and Service and Port List
Objects, page 6-86.
Time Range The name of a time range policy object that defines the times when this
rule applies. The time is based on the system clock of the device. The
feature works best if you use NTP to configure the system clock.
Enter the name or click Select to select the object. If the object that you
want is not listed, click the Create button to create it.
Table17-4 Add and Edit Inspect/Application FW Rule Wizard Step 2: Action, Sources,
Destinations, and Services Page (Continued)
Element Description