17-18
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 17 Managing Firewall Inspection Rules
Inspection Rules Page
Configure DNS Dialog Box
Use the Configure DNS dialog box to configure settings for DNS inspection on PIX 7.0+, ASA, FWSM,
and IOS devices.
Navigation Path
Go to the Add or Edit Inspect/Application FW Rule Wizard, Inspected Protocol Page, page 17-16, select
DNS in the protocols table, and click Configure.
Field Reference
Configure SMTP Dialog Box
Use the SMTP dialog box to edit settings for Simple Mail Transfer Protocol (SMTP) inspection. SMTP
is used to transfer email between servers and clients on the Internet.
SMTP inspection drops any packets with illegal commands. You can configure a maximum data length
for packets. Enter a length in the range 0-4294967295.
Navigation Path
Go to the Add or Edit Inspect/Application FW Rule Wizard, Inspected Protocol Page, page 17-16, select
SMTP in the protocols table, and click Configure.
Configure ESMTP Dialog Box
Use the Configure ESMTP dialog box to edit settings for Extended Simple Mail Transport Protocol
(ESMTP) inspection. You can configure these settings based on platform:
IOS devices—You can configure a maximum data length for packets. Enter a length in the range
0-4294967295.
ASA/PIX 7.x+ devices—You can specify an ESMTP policy map object to define deep inspection
parameters. Enter the name of the object or click Select to select it from a list or to create a new
object.
Table17-6 Configure DNS Dialog Box
Element Description
Maximum DNS Packet
Length
The maximum DNS packet length. Values are 512 to 65535.
DNS Map The DNS policy map object that defines traffic match conditions and
actions, protocol conformance policies, and filter settings. Enter the
object name, or click Select to select it. If the object that you want is
not listed, click the Create button to create it.
Enable Dynamic Filter
Snooping
Whether to allow the security appliance to snoop DNS packets in order
to build a database of DNS lookup information. This information is
used by botnet traffic filtering to match DNS names to IP addresses.
If you configure a botnet traffic filtering rules policy, select this option.
Otherwise, do not select the option. For more information, see Botnet
Traffic Filter Rules Page, page19-9.